RavenDB Security Report: Non-high Strength RSA Keys

added by DotNetKicks
4/4/2018 2:23:11 PM

1 Kicks, 203 Views

Because of that, the general recommendation is to use at least 3072 bits, but I don't like that number, so RavenDB is now using 4096 bits RSA keys when it needs to generate a certificate. This significantly increases the certificate generation time (to the point where it is humanly observable!), but that is a very rare operation, so we don't really care.