[Openid-specs-fapi] Issue #209: Ciphers (openid/fapi)
Dave Tonge
issues-reply at bitbucket.org
Thu Jan 10 11:56:19 UTC 2019
New issue 209: Ciphers
https://bitbucket.org/openid/fapi/issues/209/ciphers
Dave Tonge:
There is a relevant discussion here: https://github.com/ConsumerDataStandardsAustralia/infosec/issues/1
I suggest that we make the guidance clearer in FAPI around length of keys, eg. from BCP195:
> With a key exchange based on modular exponential (MODP) Diffie-
Hellman groups ("DHE" cipher suites), DH key lengths of at least 2048
bits are RECOMMENDED.
This has been misunderstood by a few people
More information about the Openid-specs-fapi
mailing list