ietf-smime

[CAT HERDING] Key lengths for interoperability and security considerations

2008-05-13 11:42:11

OK, so what needs to be done to come to closure on the key sizes? I think a
skeleton of The Right Thing looks something like this:

1. Normative language (MUST / SHOULD with lots of plusses and minuses and
   atsigns) describing the minimum and maximum lengths for keys. This covers
   the most important area of interoperability, and needs to be very clear
   about signing key lengths vs. verifying key lengths vs. generating key
   lengths.

2. An indication by those MUST / SHOULD statements pointing to the security
   considerations. This is the best we can do to guide people away from using
   one bit keys, and steer them in the direction of strong crypto.

3. Wording in the security considerations regarding the use of overshort or
   overlong keys.

Sean is preparing a summary of the existing discussion to address each point,
and we'll see where we're at.

Blake
