You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As stated on JWA 3.3, RSA keys need to be a least 2048 long:
Digital Signature with RSASSA-PKCS1-v1_5
This section defines the use of the RSASSA-PKCS1-v1_5 digital
signature algorithm as defined in Section 8.2 of RFC 3447 [RFC3447]
(commonly known as PKCS #1), using SHA-2 [SHS] hash functions.
A key of size 2048 bits or larger MUST be used with these algorithms.
The text was updated successfully, but these errors were encountered:
I see the standard doesn't tell anything about ECDSA keys, but I would like to introduce a minimum key requirement there too, which would be 224 bits to have the same strength of an RSA key length of 2048 bits.
As stated on JWA 3.3, RSA keys need to be a least 2048 long:
The text was updated successfully, but these errors were encountered: