From ca3aaaeb369633cd65c8cc29dde88daff2c38e8c Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Thu, 1 Jan 2009 23:49:29 +0000 Subject: [PATCH] keys: Fix defaults and documentation. Organization: Straylight/Edgeware From: Mark Wooding A small number of related changes. * Make the default encryption algorithm be Rijndael (AES) rather than Blowfish. I think this is now the right recommendation to make, even if it's not my personal taste. (I'm actually using Twofish nowadays anyway.) * Make the default field size for Schnorr groups be 3072 bits rather than 2048, which reflects the advice given by NIST and IEEE 1363. * Reformat the tripe-keys.master file in line with current thinking. * Fix a minor typo in tripe-keys.conf.5.in. --- keys/tripe-keys.conf.5.in | 12 ++++----- keys/tripe-keys.in | 10 +++---- keys/tripe-keys.master | 55 ++++++++++++++++++++++----------------- 3 files changed, 42 insertions(+), 35 deletions(-) diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in index c6e0f257..ad3173d3 100644 --- a/keys/tripe-keys.conf.5.in +++ b/keys/tripe-keys.conf.5.in @@ -155,14 +155,14 @@ center; _ kx kx-param _ -dh \-LS \-b2048 \-B256 +dh \-LS \-b3072 \-B256 ec \-Cnist-p256 _ .TE .TP .I kx-expire Expiry time for generated keys. Default is -.BR "now + 1 day" . +.BR "now + 1 year" . .TP .I hash Hashing algorithm to use. Default is @@ -233,9 +233,9 @@ center; _ sig-genalg sig-param _ -dh \-LS \-b2048 \-B256 -dsa \-b2048 \-B256 -rsa \-b2048 +dh \-LS \-b3072 \-B256 +dsa \-b3072 \-B256 +rsa \-b3072 ec \-Cnist-p256 _ .TE @@ -271,7 +271,7 @@ and .IB repos-base . .TP .I sig-file -Tempalte for repository signatures. Default is the concatenation of +Template for repository signatures. Default is the concatenation of .I base-dir and .IR sig-base . diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in index b0dbf945..6e947e52 100644 --- a/keys/tripe-keys.in +++ b/keys/tripe-keys.in 
@@ -217,10 +217,10 @@ def conf_defaults():
 ('conf-file', '${base-dir}tripe-keys.conf'),
 ('upload-hook', ': run upload hook'),
 ('kx', 'dh'),
- ('kx-param', lambda: {'dh': '-LS -b2048 -B256',
+ ('kx-param', lambda: {'dh': '-LS -b3072 -B256',
 'ec': '-Cnist-p256'}[conf['kx']]),
 ('kx-expire', 'now + 1 year'),
- ('cipher', 'blowfish-cbc'),
+ ('cipher', 'rijndael-cbc'),
 ('hash', 'sha256'),
 ('master-keygen-flags', '-l'),
 ('mgf', '${hash}-mgf'),
@@ -235,10 +235,10 @@ def conf_defaults():
 'rsapss': 'rsa',
 'ecdsa': 'ec',
 'eckcdsa': 'ec'}[conf['sig']]),
- ('sig-param', lambda: {'dh': '-LS -b2048 -B256',
- 'dsa': '-b2048 -B256',
+ ('sig-param', lambda: {'dh': '-LS -b3072 -B256',
+ 'dsa': '-b3072 -B256',
 'ec': '-Cnist-p256',
- 'rsa': '-b2048'}[conf['sig-genalg']]),
+ 'rsa': '-b3072'}[conf['sig-genalg']]),
 ('sig-hash', '${hash}'),
 ('sig-expire', 'forever'),
 ('fingerprint-hash', '${hash}')]:
diff --git a/keys/tripe-keys.master b/keys/tripe-keys.master
index eef2a00c..01e094ba 100644
--- a/keys/tripe-keys.master
+++ b/keys/tripe-keys.master
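Review bot: The new `('cipher', 'rijndael-cbc')` default in the first `keys/tripe-keys.in` hunk has no matching change in the `keys/tripe-keys.conf.5.in` hunks of this patch, which touch only `kx-param`, `kx-expire`, `sig-param` and a typo. If the man page's `cipher` entry still names `blowfish-cbc` as the default, it is now stale and should be updated in the same commit. It would also help to record the reason for the size next to the `kx-param` entry, e.g. `# 3072-bit field per NIST / IEEE 1363 guidance`, so a later change to the default is a deliberate decision. `conf_defaults` begins and ends outside this hunk.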
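Review bot: In the second `keys/tripe-keys.in` hunk the `rsa` entry also moves from `-b2048` to `-b3072`, but the commit message describes only the Schnorr-group field size; the message should mention the RSA modulus change as well. Because the `sig-expire` default visible in the context is `forever`, a master signing key generated under the old 2048-bit default presumably stays in service indefinitely, so the stronger default reaches only repositories whose operators regenerate the key. That is worth stating in the release notes, and the same presumably holds for group parameters already generated with the old `kx-param` default in the first hunk.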
@@ -1,48 +1,55 @@ -# tripe-keys configuration file -# -# see tripe-keys.conf(5) for full details +### -*-conf-*- +### +### tripe-keys configuration file +### +### see tripe-keys.conf(5) for full details -### File locations (required) +###-------------------------------------------------------------------------- +### File locations (required). -# The base URL for the repository files. Include the trailing slash if -# necessary. +## The base URL for the repository files. Include the trailing slash if +## necessary. # base-url = http://some.server.somewhere/blah/ -# The local directory name for the repository files. Again, include the -# trailing slash if necessary. +## The local directory name for the repository files. Again, include the +## trailing slash if necessary. # base-dir = /some/directory/blah/ -### Crypto parameters +###-------------------------------------------------------------------------- +### Crypto parameters. -# The key-exchange type. May be `dh' or `ec'. +## The key-exchange type. May be `dh' or `ec'. # kx = dh -# Key-generation parameters for key exchange group. -# kx-param = -LS -b2048 -B256 +## Key-generation parameters for key exchange group. +# kx-param = -LS -b3072 -B256 +# kx-param = -Pnist-p256 -# Expiry time for peer key-exchange keys. -# kx-expire = now + 1 day +## Expiry time for peer key-exchange keys. +# kx-expire = now + 1 year -# Symmetric encryption scheme to use. -# cipher = blowfish-cbc +## Symmetric encryption scheme to use. +# cipher = rijndael-cbc -# Hash function to use. (We derive the MGF and MAC from this.) +## Hash function to use. (We derive the MGF and MAC from this.) # hash = sha256 -# Signature scheme to use for signing/verifying repository archives. +## Signature scheme to use for signing/verifying repository archives. # sig = dsa +# sig = ecdsa -# How recently an archive must have been signed to be valid. +## How recently an archive must have been signed to be valid. 
# sig-fresh = always -# When the signing key expires. +## When the master signing key expires. # sig-expire = forever +###-------------------------------------------------------------------------- ### Master key integrity -# Since the master public key is contained within the repository, we must -# check its integrity: therefore we record its sequence number and -# fingerprint here. These are filled in automatically by -# `tripe-keys upload'. Leave them as they are. +## Since the master public key is contained within the repository, we must +## check its integrity: therefore we record its sequence number and +## fingerprint here. These are filled in automatically by `tripe-keys +## upload'. Leave them as they are. master-sequence = @MASTER-SEQUENCE@ hk-master = @HK-MASTER@ -- [mdw]
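Review bot: The added elliptic-curve example `# kx-param = -Pnist-p256` spells the option `-P`, whereas `keys/tripe-keys.in` (`'ec': '-Cnist-p256'`) and the man page table (`ec \-Cnist-p256`) in this same patch both use `-C`. Unless the key-generation tool accepts both spellings, an administrator who uncomments this line gets a failing or unintended key-generation run; suggest `# kx-param = -Cnist-p256`. Since two alternative `kx-param` lines and two `sig` lines are now listed with no indication of which belongs to which setting, a short hint such as `## (use the second form with kx = ec)` would keep someone from uncommenting a mismatched pair.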