From b92b09300a2b85d02041499f5cf93a7b30939c36 Mon Sep 17 00:00:00 2001 From: Frithjof Schulze Date: Thu, 27 Jun 2013 11:23:55 -0700 Subject: [PATCH] crypto/tls: Change TLS version to 1.1 in the package comment. Also use 2048-bit RSA keys as default in generate_cert.go, as recommended by the NIST. R=golang-dev, rsc, bradfitz CC=golang-dev https://golang.org/cl/10676043 --- src/pkg/crypto/tls/generate_cert.go | 2 +- src/pkg/crypto/tls/tls.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pkg/crypto/tls/generate_cert.go b/src/pkg/crypto/tls/generate_cert.go index 215644d243..b417ea4640 100644 --- a/src/pkg/crypto/tls/generate_cert.go +++ b/src/pkg/crypto/tls/generate_cert.go @@ -30,7 +30,7 @@ var ( validFrom = flag.String("start-date", "", "Creation date formatted as Jan 1 15:04:05 2011") validFor = flag.Duration("duration", 365*24*time.Hour, "Duration that certificate is valid for") isCA = flag.Bool("ca", false, "whether this cert should be its own Certificate Authority") - rsaBits = flag.Int("rsa-bits", 1024, "Size of RSA key to generate") + rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate") ) func main() { diff --git a/src/pkg/crypto/tls/tls.go b/src/pkg/crypto/tls/tls.go index 9230656d6a..054e477618 100644 --- a/src/pkg/crypto/tls/tls.go +++ b/src/pkg/crypto/tls/tls.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package tls partially implements TLS 1.0, as specified in RFC 2246. +// Package tls partially implements TLS 1.1, as specified in RFC 4346. package tls import (