Increased cryptographic strength
This commit is contained in:
radicand
18
README.md
18
README.md
@@ -1,8 +1,24 @@
|
||||
About this fork
|
||||
===============
|
||||
|
||||
Reasons for forking
|
||||
===================
|
||||
-------------------
|
||||
|
||||
After spending a fair amount of time looking for a basic, relatively full featured internal PKI solution, I came across PHPki on Sourceforge. However, being that I don't enjoy using Sourceforge and that there are a number of improvements I wish to make to this solution, I have forked it into a Github repository. Hopefully others may find this useful.
|
||||
|
||||
Main changes
|
||||
------------
|
||||
|
||||
* Changed hash algorithm from MD5 to SHA
|
||||
|
||||
|
||||
Planned changes
|
||||
---------------
|
||||
|
||||
* Remove usage of symlinks.
|
||||
* Strip out built-in password support -- this can be implemented by the webserver (htaccess) or a bolt-on like SimpleSAMLphp
|
||||
* Fix CRL subsystem (I found this to not be operational, have not yet investigated)
|
||||
|
||||
|
||||
Original README (0.83)
|
||||
======================
|
||||
|
||||
@@ -14,7 +14,7 @@ crl_extensions = crl_ext
|
||||
default_days = 365
|
||||
default_crl_days = 30
|
||||
preserve = no
|
||||
default_md = md5
|
||||
default_md = sha512
|
||||
|
||||
[ ca ]
|
||||
default_ca = email_cert
|
||||
@@ -147,7 +147,7 @@ issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ req ]
|
||||
default_bits = 1024
|
||||
default_bits = 2048
|
||||
default_keyfile = privkey.pem
|
||||
distinguished_name = req_name
|
||||
string_mask = nombstr
|
||||
|
||||
Reference in New Issue
Block a user