ietf-openpgp
Re: Suggested changes for DSA2

2006-03-27 08:29:14

On Mon, Mar 27, 2006 at 03:19:54PM +0200, Ian G wrote:

> I would vote for just allowing a subset of the NIST sizes.
> That is, something like an implementation MUST accept the
> NIST set, and SHOULD reject all others.  If a need for a
> variant comes up, the developers have to battle it out and
> justify going up against the SHOULD.  If there is a clear
> need, then they'll work it out.

It is not the place of a data format standard to hold people's hands
to that extent.  We (correctly) don't tell people to reject signatures
from a 512-bit RSA key.  That's not our job in the standard.  If an
*implementation* wants to do that, that's just fine, but it does not
need permission from the standard to do it.

David