OpenSSL certificates and key sizes

Chris Ball cjb at
Fri Apr 14 16:22:16 EDT 2006

>> On Fri, 14 Apr 2006 15:29:34 -0400, John Abreau <jabr at> said:

   > Are there any problems with making the keys, particularly the CA
   > key, something like 4096 bits long?  How about 8192 bits long?

Either is fine, but I personally find 8192 bits a little distasteful;
most CA keys are 4096 bits long, and have an expiry of around fifteen

4096-bit keys have been conjectured "safe", against the best-known 
algorithms, for 45 years[1].  So, it makes sense to take that, plan 
for dramatic but conventional advances (since you can't plan for 
unconventional ones) and set an expiry of a decade or two.  I think
it makes less sense to go with an 8192-bit key and be attempting to 
plan hundreds of years into the future.

(But IANACryptographer.)

 [1]:  <>, p.32.

Chris Ball   <cjb at>    <>
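The setup the reply recommends, as an added example that is not part of the original mail: a 4096-bit RSA CA key and a self-signed CA certificate with a fifteen-year lifetime, with the key size and remaining validity read back out of the certificate. It assumes an OpenSSL command-line tool of version 1.1.1 or later (for -addext) on PATH; the subject name and file names are placeholders.

```shell
#!/bin/sh
# Added example, not from the original mail. Builds a 4096-bit RSA CA key and a
# self-signed CA certificate valid for fifteen years, then reads the key size and
# remaining lifetime back out of the certificate. Assumes OpenSSL 1.1.1+ on PATH;
# the subject name and file names are placeholders.
set -eu

WORKDIR=$(mktemp -d)
CA_KEY="$WORKDIR/ca.key.pem"
CA_CERT="$WORKDIR/ca.cert.pem"
CA_BITS=4096
CA_DAYS=5478          # fifteen years, in days

# Generate the CA private key. It is written unencrypted so the script runs
# non-interactively; for a real CA add -aes256 and keep the key offline.
make_ca_key() {
    openssl genpkey -algorithm RSA -pkeyopt "rsa_keygen_bits:$CA_BITS" \
        -out "$CA_KEY" 2>/dev/null
}

# Self-sign the CA certificate, marking it as a CA that may only sign
# certificates and CRLs.
make_ca_cert() {
    openssl req -x509 -new -key "$CA_KEY" -sha256 -days "$CA_DAYS" \
        -subj "/CN=Example Root CA" \
        -addext "basicConstraints=critical,CA:TRUE" \
        -addext "keyUsage=critical,keyCertSign,cRLSign" \
        -out "$CA_CERT" 2>/dev/null
}

# Print the RSA modulus size, in bits, of the public key in a certificate.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# Succeed if the certificate will still be valid the given number of days from now.
cert_valid_in_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

make_ca_key
make_ca_cert
echo "CA key size: $(cert_key_bits "$CA_CERT") bits"
if cert_valid_in_days "$CA_CERT" 3650; then
    echo "CA certificate is still valid ten years from now"
fi
```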
