ietf-openpgp

Re: Bigger DSA keys

2005-09-20 17:15:56

On Tue, Sep 20, 2005 at 11:02:19AM -0700, "Hal Finney" wrote:

I'm not sure how other systems that implement DSS handle the issue of
validating public parameter certificates.  It could be that OpenPGP is
the main user of DSA/DSS and nobody else worries about it.  I know I've
seen X.509 certificate specs for DSS keys and they don't have the extra
information necessary (although strangely, X.509 Diffie-Hellman keys do
have it!).  I guess they just assume that checks for legal DSS public
parameters are outside the scope of their spec.

I know about one other major implementation of DSS, which is java.security
by Sun Microsystems. Their key generation method uses pre-calculated
moduli for the common key sizes, but one can turn that feature off and
have the key generated from scratch (which takes a lot longer, of course).

The certificates of the pre-calculated moduli are in a comment of the source
code, which you may obtain from Sun upon request (they are very forthcoming
about that, because they understand that openness is the basis of trust in
crypto matters).

-- 
Daniel
