DSA default algorithm for keytool -genkeypair. Bad choice?
Michael StJohns
mstjohns at comcast.net
Wed Oct 10 20:52:06 UTC 2018
On 10/10/2018 10:42 AM, Weijun Wang wrote:
>
>> On Oct 10, 2018, at 7:59 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> There is really no other reason other than DSA keys have been the default keypairs generated by keytool for a long time, so there are some compatibility issues we would have to think through before changing it to another algorithm such as RSA. Weijun might have more insight into that.
> Not really. It was the default before I joined Sun Microsystems many, many years ago. Maybe it was a NIST standard?
US government FIPS. It still is. But mostly US gov't is doing EC these
days... at least until all the quantum fear and doubt started creeping in.
>
> As for compatibility, as long as someone is still using DSA then they might not be specifying the -keyalg option.
>
> If not DSA, should RSA be the new default? Or maybe RSASSA-PSS (I wonder if RSASSA-PSS signature can always use legacy RSA keys) or EC? We don't have an option to specify ECCurve in keytool yet (a string -keysize).
I'm away from the source code - but isn't it possible to configure the
default in java.security? Maybe what you do is add a warning of the new
default unless disabled in java.security or explicitly set there?
Mike
>
> --Max
>
>