ietf-smime
[Top] [All Lists]

Re: S/MIME v3.2 IDs key size text

2008-05-09 17:45:01

On Fri, May 09, 2008 at 02:40:17PM -0700, Paul Hoffman wrote:
Beyond what Russ just pointed out, I find the first line to be in bad 
taste. Any IETF spec that says "you must not be able to verify a signature 
even though it is valid" is pretty offensive.

Can we return to talking about interoperability?

I think you and I are on the same page, and there's two things:

1. Interoperability. The key sizes to guarantee two implementations will talk
   to each other.

2. Security considerations. The key sizes that are a no-no due to insufficient
   or overly-sufficient size.

Have we given up on the separation of these?

Blake