draft-ietf-pkix-rfc2510bis-07.txt : IAK(Initial Authentication Key)

["Jong-Wook, Park" <khopri@xxxxxxxxxx>]

Title: 메시지

Hello all,

 

As for the IAK which used for authenticating the sender,  rfc2510bis-07.txt  describes it as follows :

 

   The end entity has an out of band interaction with the CA/RA.  This
   transaction established the shared secret, the referenceNumber and
   OPTIONALLY the distinguished name used for both sender and subject
   name in the certificate template.  It is RECOMMENDED that the shared
   secret be at least 12 characters long.

But it doesn't tell how 12 characters long comes out. If anybody can tell, please let me know the reason why.

I know this matter on the length of IAK is entirely depends on a cryptographic problem, not PKI.

However, it would be better to comment some reasons or references, if any,  relating to the minimal length of IAK.

 

Thanks,

Park.

 

Park, Jong-Wook

 

Security Consultant

 

Korea Information Security Agency

Korea Certification Authority Central

 

4th FL., IT-Venture Tower B/D, 78, Garak-Dong, Songpa-Gu, Seoul, Korea 138-803

Tel : +82-2-4055-432 

Fax : +82-2-4055-319

Mobile : +82-16-461-7367

E-mail : khopri@xxxxxxxxxx or khopri@xxxxxxxxxxxx

 

Visit http://www.kisa.or.kr or http://www.rootca.or.kr for more info, please.

 

Always Thanks !