[Tickets #12099] Re: create gpg keys for the 21th century
noreply at bugs.horde.org
Mon Mar 18 11:19:36 UTC 2013
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/12099
------------------------------------------------------------------------------
Ticket | 12099
Updated By | o+horde at immerda.ch
Summary | create gpg keys for the 21th century
Queue | Horde Base
Version | Git master
Type | Bug
State | Feedback
Priority | 2. Medium
Milestone |
Patch | 1
Owners | Michael Slusarz
------------------------------------------------------------------------------
o+horde at immerda.ch (2013-03-18 11:19) wrote:
> make default pgp keylength 2048
> The issue is not security but performance -- generating sufficient
> random bits via a web request can take ages (minutes) on certain
> systems. These kinds of requests can block PHP and cause DoS
> problems if a user keeps reloading the page because the request is
> taking too long.
I partly agree, but I guess you could DoS just as well using 1024-bit keys....
But indeed, I first tried to make it configurable in this patch:
https://github.com/immrr/horde/commit/63315234f112e138e48b36b06e5e30c59bb7a7c8
but I reverted this patch, since it was suggested that 2048 could be
set as a hardcoded default and the patch wrongly put the option in
prefs.php.
I can try to implement the feature again via conf.php; would you
consider merging this? Because, e.g., in our setup we could easily
enable longer keys, since we have an entropy key.