urn:ietf:params:acme:error:badCSR: Error finalizing order :: invalid public key in CSR: key size not supported: 2176

[mirabilos]

I got an error this month:

{ 
  "type": "urn:ietf:params:acme:error:badCSR",
  "detail": "Error finalizing order :: invalid public key in CSR: key size not supported: 2176",
  "status": 400
}

This s a regression; it normally works.

[alexzorin]

Previously announced: https://community.letsencrypt.org/t/issuing-for-common-rsa-key-sizes-only/133839

[mirabilos]

alexzorin dixit:

Previously announced: https://community.letsencrypt.org/t/issuing-for-common-rsa-key-sizes-only/133839

Meh, they could have mailed the affected people. But this is a reduction in security! If only three keysizes are supported it gets easier to make something like rainbow tables for all keys of that one size. Please reconsider.

[aarongable]

We did mail the contact addresses on file for the affected subscribers, as noted in the last line of that post.

Security experts do not currently believe that rainbow tables are a viable attack against RSA keys, especially not at the 3072- or 4096-bit key sizes which you could upgrade to. We spent a long time debating this decision, for exactly the reason you bring up, and so do not intend to reconsider it at this time.

[mirabilos]

Aaron Gable dixit:

We did mail the contact addresses on file for the affected subscribers, as noted in the last line of that post.

Hmm, I didn’t receive anything.

Security experts do not currently believe that rainbow tables are a viable attack against RSA keys, especially not at the 3072- or 4096-bit key sizes which you could upgrade to. We spent a long time debating this decision, for exactly the reason you bring up, and so do not intend to reconsider it at this time.

I see.