Security Profiles defined in OPC 10000-7 describe required algorithms and required key lengths. Key length requirements may be specified as a range, i.e. 1024-2048. It is important that an OPC UA Application supports the entire range for its Application Instance Certificate. This allows an end user to generate a key (Application Instance Certificate) that meets their security requirements. This may extend the period of time for which the given Security profile can be used. For example, key lengths less than 2048 are already considered insecure, but if an end user generates certificates for the high end of the range (2048), the application might still be considered secure (depending on the other algorithms).