summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-03-19 20:26:27 +0100
committerMichael Tänzer <neo@nhng.de>2013-03-19 20:26:27 +0100
commitf536427110de8b052bf24827ca66bdc2c8f81937 (patch)
tree55c8b9d6e7d9998a37ebe0fdb11accb703d1f6d3
parentef6fa684e0c1ac2155036cc2981c65482de92bfc (diff)
downloadcacert-devel-f536427110de8b052bf24827ca66bdc2c8f81937.tar.gz
cacert-devel-f536427110de8b052bf24827ca66bdc2c8f81937.tar.xz
cacert-devel-f536427110de8b052bf24827ca66bdc2c8f81937.zip
bug 918: Raise the limit for RSA keys to 2048 bits now that we have fixed
the key generation in IE (bug #964) Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--includes/lib/check_weak_key.php7
1 files changed, 1 insertions, 6 deletions
diff --git a/includes/lib/check_weak_key.php b/includes/lib/check_weak_key.php
index ca13ba2..217b885 100644
--- a/includes/lib/check_weak_key.php
+++ b/includes/lib/check_weak_key.php
@@ -137,7 +137,7 @@ function checkWeakKeyText($text)
$keysize = intval($keysize[1]);
}
- if ($keysize < 1024)
+ if ($keysize < 2048)
{
return sprintf(_("The keys that you use are very small ".
"and therefore insecure. Please generate stronger ".
@@ -145,11 +145,6 @@ function checkWeakKeyText($text)
"found in %sthe wiki%s"),
"<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
"</a>");
- } elseif ($keysize < 2048) {
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for small ".
- "key (< 2048 bit) requested", E_USER_NOTICE);
}