• Scoopta@programming.dev
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    2 months ago

    Fact of the matter is RSA is perfectly secure still…and ECDSA/ED25519 should also be extinct given the rising need for post quantum cryptography

      • Scoopta@programming.dev
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Most of the situations I encounter RSA are in projects where I hope RSA is implemented correctly. I have a lot of Let’s Encrypt certs that are still RSA and my main SSH keys are still RSA. All of these were generated quite some time ago. I understand the problem with projects that implement it incorrectly but I’d hope OpenSSH and certbot aren’t those projects 😥

        • computergeek125@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          For Certbot, I think it’s even further up the chain - OpenSSL. And if you’re installing it to Apache or Nginx, its probably just OpenSSL again.