Question:
In certificate templates on the CA (Microsoft, for example) you can specify keys larger than 2048. However, the Certificate Authorities workflow MyID only allows a maximum key length of 2048. Can MyID support larger key lengths than this?
Answer:
By default, the maximum key length that MyID supports is RSA 2048. The two main reasons for this are:
-
-
- It takes longer to generate larger bit keys and certificate issuance performance may be impacted
- Many physical smart cards and tokens supported by MyID do not support a key length of up to 4096 bits, due to storage limitations.
MyID can support larger key sizes but investigation and implementation would be treated as a change request depending on your specific requirements.