ietf-smime

Re: S/MIME v3.2 IDs key size text

2008-05-12 08:26:37

At 8:31 AM -0500 5/12/08, Timothy J Miller wrote:
> On May 9, 2008, at 4:40 PM, Paul Hoffman wrote:
>
>> At 12:37 PM -0400 5/6/08, Turner, Sean P. wrote:
>>
>>>   0 < key size < 511  : MUST NOT
>>> 512 < key size < 1023 : SHOULD-
>>
>> Beyond what Russ just pointed out, I find the first line to be in bad taste. Any IETF spec that says "you must not be able to verify a signature even though it is valid" is pretty offensive.
>
> How about adding a "MUST warn the user that key is too damn short to be considered safe, even though the signature is valid" clause instead?

I seriously doubt we could get consensus on the number of bits for that to kick in. Also, this would prevent an automated signature validation system with no UI from being able to be conformant.

We are not the security nannies of the Internet. As long as we give a reasonable number of bits that all implementations should be able to sign and verify in order to make reasonably-strong signatures, we should step back and let organizations make their own rules.