OTC VOTE: RSA public exponent validation in 3.0

Kurt Roeckx kurt at roeckx.be
Wed Aug 11 06:32:34 UTC 2021


On Tue, Aug 10, 2021 at 11:54:19AM +0100, Matt Caswell wrote:
> topic: RSA public exponent validation in 3.0 for the default provider should
> be consistent with 1.1.1

I think this is one of those conflicts between providing a general
crypto library, and providing something that is secure by default.
As far as I know, at least NIST recommends it to be bigger, and
it's been adopted by the CA/Browser Forum as a requirement too.

The vote is also about the default provider, I assume that the
FIPS provider will enforce this both at creation and use time.

I think that we should follow the recommendations, and at least
enforce this by default for the creation of new keys. But it's not
clear if this vote is just about creation, or also about using
such a key. So I'm voting -1.


Kurt
