ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: S/MIME v3.2 IDs key size text

2008-05-12 07:33:06
from [Carl Wallace] [Permanent Link] 


How about adding a "MUST warn the user that key is too damn short to

be considered safe, even though the 

signature is valid" clause instead?

-- Tim


This isn't sufficient for verification of archived email.  A weak
signature may be covered by a timestamp that enables its verification.
This problem should be addressed using something like DSSC.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: S/MIME v3.2 IDs key size text, Timothy J Miller
Next by Date:  RE: weak authentication issue with rfc5083, Peter Gutmann
Previous by Thread:  Re: S/MIME v3.2 IDs key size text, Timothy J Miller
Next by Thread:  Re: S/MIME v3.2 IDs key size text, Paul Hoffman
Indexes:  [Date] [Thread] [Top] [All Lists]