With respect to the RSA key sizes, I see lots of demand for 3072-bit keys, but
not much for 2048-bit, so I'd be very inclined to make the range 1024 to 3072.
To be compatible with AES, you need at least 3072, after all.
If that's the case, then the corresponding range for EC should be 160 to 256.
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org on behalf of
Turner, Sean P.
Sent: Wed 12/5/2007 9:00 AM
To: ietf-smime(_at_)imc(_dot_)org
Cc:
Subject: Comments on S/MIME v3.2
At the meeting we had some comments on the S/MIME v3.2 specs
(draft-ietf-smime-3850bis-00.txt and draft-ietf-smime-3851bis-00.txt):
1. Define SHOULD+, SHOULD-, and MUST-.
2. Update key size requirements and make sure you differentiate
between RSA/DSA and EC key sizes.
3. Check that there's no IPR wrt to ECDSA signed certificates and
using them with S/MIME.
For #1 - I'm going to copy the text from RFC4307.
For #3 - Turns out we're the 1st group to make ECDSA a SHOULD (of any
kind) so we've got our feelers out to see what we can shake loose.
For #2 RSA/DSA key sizes - There was some discussion that the RSA key
size that MUST be supported should be 1024-3076 and others felt that it should
be 1024-2048. What do people think?
For #2 EC key size - This discussion may be premature but what should
we make the sizes? Min 256 max 384?
Other comments are welcome.
spt