[Operators] Please enable Forward Secrecy for your servers!

Peter Kieser peter at kieser.ca
Mon Jul 20 22:07:57 UTC 2015



On 2015-07-10 2:47 AM, Mathias Ertl wrote:
> * Have a valid 4096 bit certificate with at least a sha256 signature.

4096 bit seems a bit excessive. NIST is still recommending 2048 bit from 
2011 to 2030.

-Peter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4311 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20150720/a6d0011a/attachment.bin>


More information about the Operators mailing list