Date: Mon, 08 Jun 2015 22:50:35 +0200 From: Roland van Laar <roland@micite.net> To: freebsd-doc@freebsd.org Subject: Re: [Bug 199379] [PATCH] Update SSL key generation to today's standards. Message-ID: <5576001B.6040806@micite.net> In-Reply-To: <bug-199379-9@https.bugs.freebsd.org/bugzilla/> References: <bug-199379-9@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, I submitted this patch almost 2 months back. It is a patch to help FreeBSD users generate secure SSL keys. What can I do to get this patch excepted? Regards, Roland On 11-04-15 16:50, bugzilla-noreply@freebsd.org wrote: > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199379 > > Bug ID: 199379 > Summary: [PATCH] Update SSL key generation to today's > standards. > Product: Documentation > Version: Latest > Hardware: Any > OS: Any > Status: New > Keywords: patch > Severity: Affects Only Me > Priority: --- > Component: Documentation > Assignee: freebsd-doc@FreeBSD.org > Reporter: roland@micite.net > Keywords: patch > > Created attachment 155478 > --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=155478&action=edit > Patch for openssl chapter in handbook. > > The current SSL key generation chapter contains a few inaccuracies and > the generated keys are not up to date with today's standards. > > This patch shows how to generate secure keys and includes a good place for more > information, namely the openssl cookbook. > > Mainly: > > - Use RSA for key generation, instead of DSA. > - Fix documentation that lied about generation an RSA key while it actually was > DSA. > - Use SHA256 for signatures instead of older SHA1: > http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html > - Use recommended 2048 bits instead of 1024. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5576001B.6040806>