DSA default algorithm for keytool -genkeypair. Bad choice?

Adam Petcher adam.petcher at oracle.com
Thu Oct 11 13:30:04 UTC 2018


On 10/10/2018 5:05 PM, Anthony Scarpino wrote:

> On 10/10/2018 07:42 AM, Weijun Wang wrote:
>>
>> If not DSA, should RSA be the new default? Or maybe RSASSA-PSS (I 
>> wonder if RSASSA-PSS signature can always use legacy RSA keys) or EC? 
>> We don't have an option to specify ECCurve in keytool yet (a string 
>> -keysize).
>>
>> --Max
>>
>>
>
>
> I would rather get rid of the default completely.

+1

In addition to the usual problems with defaults, there is also the issue 
that the user doesn't specify how the key pair can be used. The current 
default produces a key that can only be used with signatures, but if we 
change the default, then the key may also be used for encryption (RSA) 
or key agreement (EC). I worry about the problems that can arise if we 
change the default in a way that increases the capability of the key 
pair that is produced.
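To make the capability point above concrete, here is an added example (mine, not code from the thread or from the JDK's keytool) that generates a DSA, an RSA and an EC key pair through the standard JCA providers and probes each one for signing, public-key encryption and key agreement. The signature algorithm names chosen per key type, the OAEP transformation string, and the 2048/256-bit sizes are my own assumptions for the probe, not anything the thread prescribes.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;

// Added example, not from the original thread: shows which operations a key
// pair of each algorithm can perform, i.e. how much capability a keytool
// default of DSA vs RSA vs EC hands to a user who never chose a -keyalg.
public class KeyCapabilities {

    // Assumed signature algorithm for each key algorithm (probe choice only).
    static String sigAlgFor(String keyAlg) {
        switch (keyAlg) {
            case "DSA": return "SHA256withDSA";
            case "RSA": return "SHA256withRSA";
            case "EC":  return "SHA256withECDSA";
            default:    throw new IllegalArgumentException(keyAlg);
        }
    }

    static KeyPair generate(String keyAlg, int keySize) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyAlg);
        kpg.initialize(keySize);   // EC: interpreted as the curve size in bits
        return kpg.generateKeyPair();
    }

    // Sign and verify a fixed message; false if the provider rejects the key.
    static boolean canSign(KeyPair kp, String sigAlg) {
        try {
            byte[] msg = "probe".getBytes(StandardCharsets.UTF_8);
            Signature s = Signature.getInstance(sigAlg);
            s.initSign(kp.getPrivate());
            s.update(msg);
            byte[] sig = s.sign();
            s.initVerify(kp.getPublic());
            s.update(msg);
            return s.verify(sig);
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    // Public-key encryption round trip. The RSA cipher rejects DSA and EC
    // keys at init() with an InvalidKeyException, which we report as false.
    static boolean canEncrypt(KeyPair kp) {
        try {
            Cipher c = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            c.init(Cipher.ENCRYPT_MODE, kp.getPublic());
            byte[] ct = c.doFinal(new byte[16]);
            c.init(Cipher.DECRYPT_MODE, kp.getPrivate());
            return c.doFinal(ct).length == 16;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    // ECDH key agreement; init() rejects DSA and RSA private keys.
    // Agreeing with our own public key is sufficient to probe capability.
    static boolean canAgree(KeyPair kp) {
        try {
            KeyAgreement ka = KeyAgreement.getInstance("ECDH");
            ka.init(kp.getPrivate());
            ka.doPhase(kp.getPublic(), true);
            return ka.generateSecret().length > 0;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String[][] candidates = { {"DSA", "2048"}, {"RSA", "2048"}, {"EC", "256"} };
        for (String[] c : candidates) {
            KeyPair kp = generate(c[0], Integer.parseInt(c[1]));
            System.out.printf("%-4s sign=%b encrypt=%b keyagree=%b%n", c[0],
                canSign(kp, sigAlgFor(c[0])), canEncrypt(kp), canAgree(kp));
        }
    }
}
```

Only the DSA row ends up signature-only; the other two key types additionally satisfy the encryption or the key-agreement probe, which is exactly the widening of capability the message warns about. The keytool counterpart of `generate` is to pass `-keyalg` (and `-keysize`) explicitly on every `-genkeypair` invocation rather than relying on whatever the default happens to be.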

More information about the security-dev mailing list