ietf-smime
[Top] [All Lists]

Re: S-MIME key length

1999-10-27 08:33:47
This message is signed with a 2048 bit key.  So far, I haven't encountered 
anyone
who hasn't been able to validate the signature with that length key.  
Encryption 
could conceivably be a different issue, depending on whether or not a recipient
is constrained by export and/or import policy.

We've done some limited testing with "odd-ball" key lengths -- 768, and even odd
number such as 1027, etc.  No observed problems. Doesn't guarantee that
everyone's software will handle such keys, of course.

Bob

Robert R. Jueneman
Security Architect
Network Security Development
Novell, Inc.
122 East 1700 South
Provo, UT 84606
bjueneman(_at_)novell(_dot_)com
1-801-861-7387

DISCLAIMER:
  If this message (with or without attached documents) is digitally signed, 
and/or if certificates are attached, the intended purpose is to 
   (1) Ensure that e-mail came from the apparent sender
   (2) Protect e-mail from tampering
   (3) Ensure that the content of e-mail sent to me and encrypted in  my 
dual-use key cannot be viewed by others.
  It is explicitly NOT the intent of any such signed message or document to 
represent any type or form of legally binding contract or other representation, 
and any such interpretation should not be considered commercially reasonable 
and WILL BE REPUDIATED, notwithstanding any wording or implications to the 
opposite effect in the text of the message itself; due in part, but not 
exclusively, to the fact that the security of my workstation and its associated 
cryptography is not judged adequately strong for such purposes at present.

Bruce Greenblatt <bgreenblatt(_at_)directory-applications(_dot_)com> 
10/26/99 09:32PM >>>
As I understand it, the S/MIME spec lets you use any key length that you
want, as long as you have an algorithm OID for it...  So, you can
definitely use 1024 bit keys.

At 03:56 PM 10/25/99 +0530, V KRISHNA REDDY wrote:
I want the information whether s-mime specification gives us the
flexibilty to use 1024 bit key length.Actually what is the status of the
specification regarding key length.
--krishna 



==============================================
Bruce Greenblatt, Ph. D.
Directory Tools and Application Services, Inc.
http://www.directory-applications.com

Attachment: Bob Jueneman.vcf
Description: Vcard

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

<Prev in Thread] Current Thread [Next in Thread>