Mark Loveless activity https://gitlab.com/mloveless 2026-03-18T14:38:03Z tag:gitlab.com,2026-03-18:5217971142 Mark Loveless commented on merge request !227501 at GitLab.org / GitLab 2026-03-18T14:38:03Z mloveless Mark Loveless [email protected]

The wording in the Cryptography Standard states the minimum for RSA should be 2048. That meets the minimal requirements for compliance - namely with various FIPS/FedRAMP/NIST related standards and practices. So it is not "set it to 2048" it is "at least 2048, higher is allowed".

Frankly everywhere I have a choice when I am using digital signatures I always use the maximum value I can set it to.

 tag:gitlab.com,2026-03-09:5184789474 Mark Loveless pushed to project branch mloveless-main-patch-7ed8 at GitLab.com / Content Sites / handbook 2026-03-09T22:36:47Z mloveless Mark Loveless [email protected]

Mark Loveless (a564e90d) at 09 Mar 22:36

Fixed spelling error

 tag:gitlab.com,2026-03-09:5184783952 Mark Loveless opened merge request !18824: Updates to stay current around quantum cryptography at GitLab.com / Content Sites / handbook 2026-03-09T22:34:01Z mloveless Mark Loveless [email protected]

Why is this change being made?

💡 Provide a detailed answer to the question on why this change is being proposed, in accordance with our value of Transparency.

Please add the details saying why, not just what in this section. Example: We have discussed the topic in Slack - (copy of Slack conversation). The current process is not efficient, this MR makes the description of X more clear, and helps move Y forward.

Minor updates to cryptography standard. The issues surrounding post quantum cryptography are outlined, a few new terms in that space have been linked to, and I've mentioned the "harvest now, decrypt later" attack scenario specifically. I think we still have time but wanted to at least get it in the standard as a potential catalyst for quicker post-quantum adoption.

Author and Reviewer Checklist

Please verify the check list and ensure to tick them off before the MR is merged.

  • Provided a concise title for this Merge Request (MR)
  • Added a description to this MR explaining the reasons for the proposed change, per say why, not just what
    • Copy/paste the Slack conversation to document it for later, or upload screenshots. Verify that no confidential data is added, and the content is SAFE
  • Assign reviewers for this MR to the correct
    • The when to get approval handbook section explains when DRI approval is required
    • The who can approve handbook section explains how to identify the DRI
    • If the MR does not require DRI approval, consider asking someone on your team, such as your manager.
    • The approver may merge the MR. If they approve but don't merge, you can merge.
  • For transparency, share this MR with the audience that will be impacted.
    • Team: For changes that affect your direct team, share in your group Slack channel
    • Department: If the update affects your department, share the MR in your department Slack channel
    • Division: If the update affects your division, share the MR in your division Slack channel
    • Company: If the update affects all (or the majority of) GitLab team members, post an update in #whats-happening-at-gitlab linking to this MR

Commits

  • Updates to stay current
 tag:gitlab.com,2026-03-09:5184344609 Mark Loveless pushed new project branch mloveless-main-patch-7ed8 at GitLab.com / Content Sites / handbook 2026-03-09T19:58:53Z mloveless Mark Loveless [email protected]

Mark Loveless (1aaa26e1) at 09 Mar 19:58

Updates to stay current