----- Original Message -----
From: "Florian Weimer" <fweimer(a)redhat.com>
To: security(a)lists.fedoraproject.org
Sent: Friday, June 6, 2014 10:58:17 AM
Subject: Re: available crypto policies
On 06/05/2014 04:41 PM, Eric H. Christensen wrote:
> Who still uses 1024-bit keys? You aren't finding a CA to sign them.
By default, sshd uses 1024 bits for the protocol 1 ephemeral server key.
Isn't version 1 completely broken and you shouldn't use it at all?
Just like SSLv2?
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hkario(a)redhat.com
Web:
www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic