Dr S N Henson wrote:
"Bonatti, Chris" wrote:
Reading through this thread, I am astonished at a couple of apparent
truisms that are emerging from the various earnest statements made. These
are (employing a little editorial license):
* The implementation cost of DSA/D-H/3DES was acceptable when RSA was
patented, but now that some of us have actually built/tested this the cost
has gone up into the "too high" range.
I'd say in the DH case (and to some extent DSA) there's the issue of how
practical it is. The only DH certificates I've ever seen were in the
S/MIME examples draft. I suspect there are problems with the parameters
but despite repeated queries I never found anyone who could
independently check them.
I agree about D-H certs. They are not deployed as far as I can see.
If public CAs issuing DSA certificates are rare then I'd say CAs issuing
DH certificates are virtually non-existent. Does anyone know of a single
example?
For "public CAs" I'd have to agree. I think the US government has issued
*lots* of DSA certs, but they generally don't emit them because the
interoperability picture is rather bleak. I don't think secure mail gets
used much outside of fairly closed environments for this very reason. It's
exceedingly rare that I even see a signed message in this forum.
It's all very nice adding support for DSA and DH but if users can't get
any certificates from public CAs then their value is severely limited.
It's a bit of a chicken and egg problem, though.
Chris
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: shenson(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: drh(_at_)celocom(_dot_)com PGP key: via homepage.
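Steve's remark that nobody could independently check the DH parameters in the S/MIME examples draft is worth making concrete, because the check itself is mechanical once the DomainParameters structure from a DH certificate (RFC 3279: SEQUENCE of p, g, q, optional j, optional validationParms) is decoded. The following is an added example, not code from either poster or from any draft: it decodes a DER DomainParameters value with a minimal TLV reader and runs the usual X9.42-style sanity checks (p and q prime, q divides p-1, g in range and of order q, public value y in the order-q subgroup). The DER blob and the toy group (p=23, q=11, g=2) are constructed here for illustration and are far too small for real use; the functions accept full-size integers unchanged.

```python
"""Sanity checks for X9.42-style DH domain parameters as carried in DH
certificates. Added example for this thread; not the original posters' code.
Parameter values below are constructed toy values, not from any draft."""
import random

# Constructed DER for DomainParameters { p=23, g=2, q=11 } (assumption: RFC 3279
# field order p, g, q); hand-encoded: SEQUENCE of three short INTEGERs.
SAMPLE_DER = bytes.fromhex("3009" "020117" "020102" "02010b")


def is_probable_prime(n, rounds=32):
    """Miller-Rabin test. Small primes are handled exactly; larger n is
    probabilistic with `rounds` random bases."""
    if n < 2:
        return False
    for s in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _read_tlv(buf, pos):
    """Read one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_domain_parameters(der):
    """Decode DomainParameters ::= SEQUENCE { p, g, q INTEGER, j INTEGER OPTIONAL,
    validationParms OPTIONAL }. Returns (p, g, q, j); j is None if absent."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("DomainParameters must be a SEQUENCE")
    ints, pos = [], 0
    while pos < len(body):
        t, v, pos = _read_tlv(body, pos)
        if t != 0x02:  # validationParms (a SEQUENCE) or anything else: stop
            break
        ints.append(int.from_bytes(v, "big", signed=True))
    if len(ints) < 3:
        raise ValueError("DomainParameters needs at least p, g and q")
    p, g, q = ints[:3]
    j = ints[3] if len(ints) > 3 else None
    return p, g, q, j


def check_dh_domain_params(p, q, g):
    """Return a list of failed checks; an empty list means the group looks sane."""
    problems = []
    if not is_probable_prime(p):
        problems.append("p is not prime")
    if not is_probable_prime(q):
        problems.append("q is not prime")
    if (p - 1) % q != 0:
        problems.append("q does not divide p-1")
    if not 1 < g < p - 1:
        problems.append("g out of range (1, p-1)")
    elif pow(g, q, p) != 1:
        problems.append("g does not generate the order-q subgroup")
    return problems


def check_dh_public_value(p, q, y):
    """Checks on a peer's public value y from the certificate's SubjectPublicKey."""
    problems = []
    if not 1 < y < p - 1:
        problems.append("y out of range (1, p-1)")
    elif pow(y, q, p) != 1:
        problems.append("y is not in the order-q subgroup")
    return problems


def audit_domain_parameters(der):
    """Decode a DER DomainParameters blob and return (p, g, q, problems)."""
    p, g, q, _ = parse_domain_parameters(der)
    return p, g, q, check_dh_domain_params(p, q, g)


if __name__ == "__main__":
    p, g, q, problems = audit_domain_parameters(SAMPLE_DER)
    print(f"p={p} g={g} q={q} problems={problems or 'none'}")
    print("y=9:", check_dh_public_value(p, q, 9) or "ok")
    print("y=5:", check_dh_public_value(p, q, 5) or "ok")
```

The subgroup check on y is the one most often skipped in practice: with q known, rejecting any y whose order is not q closes off small-subgroup attacks on a static DH key, which is exactly the kind of problem an unverified parameter set in a certificate would hide.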