<snip>
+ The following are the DSA key size requirements for S/MIME receiving
+ agents during certificate and CRL signature verification:
+
+ 512 <= key size <= 1024 : MAY (see Section 6)
... are not reasonable, since in the first part of the
section, 'DSA with SHA-256' is listed as SHOULD+, and 'DSA with SHA-1'
is listed as SHOULD-.
If there are SHOULD requirements for DSA, then at least one
key size for DSA needs to have at least the same requirement
level, shouldn't it?
I did not address this comment in my earlier email. I believe that the
people who care about support for DSA care about compliance with NIST
FIPS/SPs. Couple this with the pointers we have for the 1024-bit DSA key
size (suggested in an earlier email) to FIPS186-2 with Change Notice 1, which
only allows 1024-bit DSA keys, and I believe that support for DSA key sizes
should be changed (in both draft-ietf-smime-3850bis-07 (Section 4.3) and
draft-ietf-smime-3851bis-07 (Sections 4.2-4.3)) from:
512 <= key size <= 1024 : MAY
to:
512 <= key size <= 1023 : MAY
1024 = key size : SHOULD-
After the change, the inconsistency will be addressed.
spt