On 28/02/11 17:48, Murray S. Kucherawy wrote:
But while we're on the topic...
Elliptic curve cryptography has been getting more and more attention lately.
Does anyone have a good feel for adoption rates? Should we (or maybe another
group, or an individual submission) look into registering a new signing
algorithm and key storage specification for that technology?
I think that'd be a fine thing for someone to do. However, I
don't think its really useful until we need it, so one idea
might be to wait for sha-3 and then do a bunch of 'em at the
same time?
I think we will eventually want ECC instead of veeery loooong
RSA keys.
The time to switch for DKIM is likely to be when you no longer
want to sign with an RSA key that fits a DNS response nicely.
Not sure off the top of my head what exactly that would be in
terms of RSA modulus size.
But if there's demand now (e.g. for suite-B conformance or
something) maybe earlier than that would be better. I've not
heard that that's needed myself.
S.
PS: No hats on for this of course:-)
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html