Canon imageCLASS MF448dw imageCLASS MF449dw / MF448dw / MF445dw User Guide - Page 644
Registration of Keys and Certificates, Definition of Weak Encryption
View all Canon imageCLASS MF448dw manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 644 highlights
Appendix ● IPSec supports communication to a unicast address (or a single device). ● The machine cannot use both IPSec and DHCPv6 at the same time. ◼ Registration of Keys and Certificates ● If you install a key or CA certificate from a computer, make sure that they meet the following requirements: Format ● Key: PKCS#12*1 ● CA certificate: X.509 DER/PEM File extension ● Key: ".p12" or ".pfx" ● CA certificate: ".cer" or ".pem" Public key algorithm (and key length) ● RSA (512 bits, 1024 bits, 2048 bits, 4096 bits) ● DSA (1024 bits, 2048 bits, 3072 bits) ● ECDSA (P256, P384, P521) Certificate signature algorithm ● RSA: SHA-1, SHA-256, SHA-384*2, SHA-512*2, MD2, MD5 ● DSA: SHA-1 ● ECDSA: SHA-1, SHA-256, SHA-384, SHA-512 Certificate thumbprint algorithm SHA1 *1Requirements for the certificate contained in a key are pursuant to CA certificates. *2RSA-SHA-384 and RSA-SHA-512 are available only when the RSA key length is 1024 bits or more. ● The machine does not support use of a certificate revocation list (CRL). ◼ Definition of "Weak Encryption" When is set to , the use of the following algorithms is prohibited. Hash MD4, MD5, SHA-1 HMAC HMAC-MD5 Common key cryptosystem RC2, RC4, DES Public key cryptosystem RSA encryption (512 bits/1024 bits), RSA signature (512 bits/1024 bits), DSA (512 bits/1024 bits), DH (512 bits/1024 bits) ● Even when is set to , the hash algorithm SHA-1, which is used for signing a root certificate, can be used. 636