Paul Hoffman <phoffman(_at_)imc(_dot_)org> writes:
At 12:37 PM -0400 5/6/08, Turner, Sean P. wrote:
0 < key size < 511 : MUST NOT
512 < key size < 1023 : SHOULD-
1024 < key size < 2048 : MUST
2049 < key size < 4096 : MAY
Beyond what Russ just pointed out, I find the first line to be in bad taste.
Any IETF spec that says "you must not be able to verify a signature even
though it is valid" is pretty offensive.
So an implementation is supposed to do what, tell the user that they can be
absolutely totally assured that the signature is valid, all 12 bits of it? I
guess it'll save implementation time because you can just report "signature
might be valid" without even having to verify it.