RE: S/MIME v3.2 IDs key size text2008-05-12 07:33:06How about adding a "MUST warn the user that key is too damn short to be considered safe, even though the signature is valid" clause instead? -- Tim This isn't sufficient for verification of archived email. A weak signature may be covered by a timestamp that enables its verification. This problem should be addressed using something like DSSC.
|
|