why 3072-bit keys?

Cantor, Scott cantor.2 at
Wed May 31 11:09:23 EDT 2017

On 5/31/17, 11:01 AM, "users on behalf of Wessel, Keith" <users-bounces at on behalf of kwessel at> wrote:

> One of our developers was looking at yesterday, reproducing its functionality elsewhere, and he noticed that it
> generates 3072-bit keys for the SP. I would have expected a 2048-bit key size. Obviously, the 3072-bit keys are that much more
> secure, but I'd think once you get past 2048 bits, it becomes somewhat academic.

If we had a discussion about whether to increase the size I don't remember it in detail other than that it doesn't hurt anything, and eventually 2048 is doomed just like 1024.

-- Scott

More information about the users mailing list