Minimum Strong DSA Key Length IT policy rule

Description

This rule specifies the minimum DSA key size (in bits) that a BlackBerry device can use TLS connections.

If you configure the minimum key size on the BlackBerry Enterprise Server to be greater than the minimum key size on the device, the device prompts a BlackBerry device user to trust every highly secure website that uses a key size in its certificate that is less than the minimum key size on the BlackBerry Enterprise Server. For example, if the user browses to a highly secure website that uses a 512-bit DSA key in its certificate, the device prompts the user to trust the website. If the user trusts the website and selects the Don't Ask Again option, the minimum key size on the device is configured to 512 bits. If you configure the minimum key size on the BlackBerry Enterprise Server to 1024 bits, the device prompts the user to trust every highly secure website that uses a key size in its certificate that is less than 1024 bits.

Possible values

• 512 to 1024 bits

Default value

• 1024 bits on the BlackBerry device
• 512 bits on the BlackBerry Enterprise Server

Minimum requirements

• BlackBerry Device Software 3.6.1

Rule introduction

• BlackBerry Enterprise Server 3.6 SP1