When using client certificate authentication with client certificates with keys
of 4097 bit RSA or larger you always get a diagnostic from the SSL layer saying
that no memory was available which is funny because usinga key of the same size
for the SSL server works just fine. Also using a 4095 bit RSA client certificate
works just fine as well.

This breaks security in system where such keys are used and thus should be
considered serious misbehaviour as cryptographic systems MUST NOT include an
arbitrary limits on the key size of used cryptographic parameters.

Please either remove this restriction completely or raise this to a much more
sane value that is not limitting casually-paranoid configurations which use
keys like 8192 Bit RSA for client authentication.

A suggested increase could be 65536 Bit RSA, but better remove this limitation
completely as it causes no real benefit.

Furthermore RSA 8192 and up to RSA 16384 has to be considered as it corresponds
roughly to 192-256 bit symmetric key sizes and thus properly configured systems
enforcing 256 bit symmetric cryptography will also enforce asymmetric keys
larger than 4096 bit for RSA or similarly for DSA and ECDSA.

Kind regards,
Benny Baumann

src:iceweasel has been superseded by src:firefox-esr in version
45.0esr-1 in March 2016. Transitional packages to ease upgrades were
provided in the wheezy, jessie, stretch and buster releases. The
transitional packages have been removed finally before the bullseye
release in August 2021.
After regular security support for buster ended in August 2022 and LTS
support ended in June 2024, I'm closing the remaining bug reports now.

Andreas