RE: Key Sizes in S/MIME v3.2
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Turner,
Sent: Wednesday, February 20, 2008 7:17 AM
Subject: RE: Key Sizes in S/MIME v3.2
I should have been clearer.
RFC 3850 current says (sec 4.3):
Key sizes from 512 bits to 2048 bits MUST be supported.
Suggesting it be replaced with:
Key sizes from 1024 bits to 2048 bits MUST be supported.
Here are the suggested changes RFC 3851 (sec 4.1):
If an S/MIME agent needs to generate an RSA key pair, then
the S/MIME agent or some related administrative utility or
function SHOULD generate RSA key pairs using the following
guidelines. A user agent SHOULD generate RSA key pairs at a
minimum key size of 1024 bits.
was 768 ^^^^
A user agent MUST NOT generate RSA key pairs less than 768
was 512 ^^^
bits long. Creating keys longer than
1024 bits can cause some older S/MIME receiving agents to
not be able to verify signatures, but gives better security
and is therefore valuable. A receiving agent SHOULD be able
to verify signatures with keys of any size over 768 bits.
was 512 ^^^
Some agents created in the United
States have chosen to create 512 bit keys in order to get
more advantageous export licenses. However, 512 bit keys are
considered by many to be cryptographically insecure.
Implementers SHOULD be aware that multiple
(active) key pairs can be associated with a single
individual. For example, one key pair can be used to support
confidentiality, while a different key pair can be used for
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Paul
Sent: Tuesday, February 19, 2008 1:42 PM
To: Turner, Sean P.; ietf-smime(_at_)imc(_dot_)org
Subject: Re: Key Sizes in S/MIME v3.2
At 11:34 AM -0500 2/19/08, Turner, Sean P. wrote:
>From the mail discussion we had in December, it's pretty
clear to me
that key sizes from 1024-2048 ought to be the MUST and other
key sizes are MAY.
I'm suggesting the following text:
Key sizes from 1024 bits to 2048 buts MUST be supported. Keys sizes
larger than 2048 MAY be supported.
Should we put a MUST NOT or SHOULD NOT in for key sizes
smaller than 1024?
MUST NOT or SHOULD NOT *what*? Generate, or validate?