| 1 |
On Monday 09 Sep 2013 20:24:56 Michael Orlitzky wrote: |
| 2 |
> On 09/09/2013 02:07 PM, Mick wrote: |
| 3 |
> > On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote: |
| 4 |
> >> On 09/09/2013 01:28 AM, Mick wrote: |
| 5 |
> >>> Are you saying that 2048 RSA keys are no good anymore? |
| 6 |
> >> |
| 7 |
> >> They're probably fine, but when you're making them yourself, the |
| 8 |
> >> extra bits are free. I would assume that the NSA can crack |
| 9 |
> >> 1024-bit RSA[1], so why not jump to 4096 so you don't have to do |
| 10 |
> >> this again in a few years? |
| 11 |
> > |
| 12 |
> > Right, but my router won't work with keys larger than 2048 and its |
| 13 |
> > admin GUI is controlled with 1024-bit public certificate. |
| 14 |
> |
| 15 |
> How often do you need to admin the router? Just do it from home (i.e. |
| 16 |
> on the LAN side). |
| 17 |
|
| 18 |
Yes, that's how I do it, or I VPN into the LAN from the outside if there is |
| 19 |
some emergency. However, the VPN SSL keys can't be any larger that 2048-bit. |
| 20 |
|
| 21 |
-- |
| 22 |
Regards, |
| 23 |
Mick |
Archives