ietf-smime

RE: S/MIME v3.2 IDs key size text

2008-05-02 15:00:41

At 6:16 AM +1200 5/3/08, Peter Gutmann wrote:
> "Turner, Sean P." <turners(_at_)ieca(_dot_)com> writes:
>
>> A receiving agent needs to be able to verify signatures whose key length is
>> chosen by the signer. For interoperability, a receiving agent MUST be able to
>> verify signatures whose key length is 1024 bits or shorter.
>
> [...]
>
>> Receiving agents are only required to validate signatures that are the same
>> length as sending agents are required to produce, namely 1024 bits.
>
> Aren't these mutually exclusive?

Yes; that's why they are in separate sections.

> (The "or shorter" attached to the "1024" is also going to prove problematic
> with FIPS-evaluated crypto implementations, since you can't do < 1024 bits for
> those).

That's just plain wrong. Nothing in the FIPS evaluation says that you cannot verify signatures shorter than what they require.