ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: RSA vs. DSA MUST

2000-11-29 21:21:17
from [Enzo Michelangeli] [Permanent Link] 
----- Original Message -----
From: "Bob Jueneman" <bjueneman(_at_)novell(_dot_)com>
To: <BonattiC(_at_)ieca(_dot_)com>; <ietf-smime(_at_)imc(_dot_)org>
Sent: Thursday, November 30, 2000 7:18 AM
Subject: Re: RSA vs. DSA MUST

[...]

As a result, Product Management is increasingly inclined to
"Just Say NO" to these kinds of features, which ends up making
IETF standards increasingly irrelevant and making interoperability
that much harder, rather than easier.


I think that Product Management needs to understand that in the Internet age
interoperability is, for a vendor, matter of life and death; I think your
company grasps this point well, as it bit the bullet several years ago by
embracing TCP/IP.


The real challenge in creating standards is therefore not to
attempt to see how many you can create with all of their rococo
variations, but rather how few you can get by with and still
get the job done.  To the extent that the IETF WGs become
self-justifying, self-perpetuating, and eternal, the less useful
they become, IMHO.  We are becoming more and more like ISO every
day, and maybe worse.


Gee Bob, you stole my line: I was planning to title one of my postings "The
X.400-ization of secure e-mail". Does everyboy remember X.400 (1984) and
X.400 (1988)? Both S/MIME and OpenPGP, at this moment, exist in two major
versions that do not necessarily interoperate with each other, and for the
same damn reason (old intellectual property issues on cryptographic
algorithms, now in large part disappeared).


This is really a case of Little Red Riding Hood's porridge.
We want it to be not too hot (needlessly feature rich), and
not too cold (missing important capabilities or security,
forcing everyone to devolve to the lowest common denominator),
but rather just right.  And that requires making intelligent CHOICES.


Here is my modest proposal for SMIME v.3 sole MUST requirements:

- Full interoperability with SMIME v.2, therefore #include-ing all the MUST
of RFC2311;
- Minimum key length raised to 1024-bit for PK and 112-bit for symmetric
algorithms;
- At least one other key exchange algorithm and one signature algorithm
unrelated to the problem of modular factorization, to protect against
possible unpleasant effects of progress in numbers theory. I'd say that DSA
and DH are the best candidates, if we want to exorcise the IP curse that
could strike ECC-based techniques;
- 3DES-EDE and Rijndael added to RC2.

Cheers --

Enzo
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Lady V: The Pleasure Pill for Women!, V
Next by Date:  I-D ACTION:draft-ietf-smime-esformats-02.txt, Internet-Drafts
Previous by Thread:  Re: RSA vs. DSA MUST, Bob Jueneman
Next by Thread:  Re: RSA vs. DSA MUST, Bonatti, Chris
Indexes:  [Date] [Thread] [Top] [All Lists]