RADIUS Certificate question
Alan DeKok
aland at deployingradius.com
Fri Aug 6 08:40:30 CEST 2010
Sallee, Stephen (Jake) wrote:
> I am about to generate a CSR for my FreeRADIUS Server. The vast
> majority of my clients are Vista and Win 7 with a few MACs, with this in
> mind would I be better off going with a 1024 bit cert or would a 2048
> bit cert be better?
A 2K cert would be better.
> I know both are quite secure, but for platform interoperability and
> future proofing, does anyone have any thoughts on which one is better?
It's possible to crack 1K certs with available amounts of CPU power.
i.e. large companies could run a screen saver on their desktops, and
crack a 1K cert in a reasonable amount of time.
Alan DeKok.
More information about the Freeradius-Users
mailing list