Re: [resend] Use of DNS to distribute keys

pem-dev

Re: [resend] Use of DNS to distribute keys

1993-09-20 08:50:00

from [smb]

         >Make it into a 1024 bit key, the minimum you need for real security,

         I couldn't let this pass.  With our current knowledge, 1024 is
         about the maximum useful RSA key size, not the minimum.  512
         bits is plenty for most uses.  It is roughly where DES was 15
         years ago: perhaps NSA can afford to break it but no one else
         can.  If you're worried about NSA, 640 bits is entirely
         adequate unless they know some mathematics the rest of us
         don't.

I think it's safe to assume that NSA does indeed know more math.  Remember
that they'll permit 512-bit RSA to be exported easily.  That, to me,
speaks volumes...

Where the cutoff is, I couldn't say, but I assume they left themselves
some margin.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [resend] Use of DNS to distribute keys, (continued) Re: [resend] Use of DNS to distribute keys, Robert W. Shirey Re: [resend] Use of DNS to distribute keys, Derek Atkins Re: [resend] Use of DNS to distribute keys, Brad Huntting Re: [resend] Use of DNS to distribute keys, kaufman Re: [resend] Use of DNS to distribute keys, Perry E. Metzger Re: [resend] Use of DNS to distribute keys, Masataka Ohta Re: [resend] Use of DNS to distribute keys, kaufman Re: [resend] Use of DNS to distribute keys, Perry E. Metzger Re: [resend] Use of DNS to distribute keys, Beast (Donald E. Eastlake, 3rd) Re: [resend] Use of DNS to distribute keys, smb Re: [resend] Use of DNS to distribute keys, smb <=

Previous by Date:	Re: [resend] Use of DNS to distribute keys, smb
Next by Date:	Re: Residential CAs and DN subordination, jueneman
Previous by Thread:	Re: [resend] Use of DNS to distribute keys, smb
Next by Thread:	Re: Use of DNS to distribute keys, Ran Atkinson
Indexes:	[Date] [Thread] [Top] [All Lists]