Policy
Configure minimum DSA public key size
Microsoft Office
Policy overview
Key metadata and intent for this policy.
This policy setting allows you to configure the minimum number of DSA public key bits Office allows to create digital signatures. If you enable this policy setting, you can specify the minimum number of bits that can be used to create a digital signature. For example: 1024, 2048, etc. If you disable or don’t configure this policy setting, Office allows all DSA keys, unless the legacy or invalid DSA policy settings are configured. If the legacy or invalid DSA public key bits policy settings are configured, then the default for this setting will be the next larger value. For example, if the number of DSA public key bits is set to 768, then this setting would default to 1024.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Scope | Element | Type | Registry mapping | Constraints & behavior | Copy |
|---|---|---|---|---|---|
| User | L_SelectDigitalSignatureHashingAlgorithmDropID ID L_SelectDigitalSignatureHashingAlgorithmDropID | enum | Path software\policies\microsoft\office\16.0\common\signatures Value name minsigningdsabits Type REG_DWORD | Options: $(string.L_SelectDigitalSignatureAlgorithmBitsStr0) (0), $(string.L_SelectDigitalSignatureAlgorithmBitsStr1) (512), $(string.L_SelectDigitalSignatureAlgorithmBitsStr2) (768), $(string.L_SelectDigitalSignatureAlgorithmBitsStr3) (1024) |