[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: S-MIME key length

To: ietf-smime@imc.org, V KRISHNA REDDY<kris@cmcltd.com>
Subject: Re: S-MIME key length
From: BJUENEMAN@novell.com
Date: Wed, 27 Oct 1999 09:35:00 -0600
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime@imc.org

This message is signed with a 2048 bit key.  So far, I haven't encountered anyone
who hasn't been able to validate the signature with that length key.  Encryption 
could conceivably be a different issue, depending on whether or not a recipient
is constrained by export and/or import policy.

We've done some limited testing with "odd-ball" key lengths -- 768, and even odd
number such as 1027, etc.  No observed problems. Doesn't guarantee that
everyone's software will handle such keys, of course.

Bob

Robert R. Jueneman
Security Architect
Network Security Development
Novell, Inc.
122 East 1700 South
Provo, UT 84606
bjueneman@novell.com
1-801-861-7387

DISCLAIMER:
  If this message (with or without attached documents) is digitally signed, and/or if certificates are attached, the intended purpose is to 
   (1) Ensure that e-mail came from the apparent sender
   (2) Protect e-mail from tampering
   (3) Ensure that the content of e-mail sent to me and encrypted in  my dual-use key cannot be viewed by others.
  It is explicitly NOT the intent of any such signed message or document to represent any type or form of legally binding contract or other representation, and any such interpretation should not be considered commercially reasonable and WILL BE REPUDIATED, notwithstanding any wording or implications to the opposite effect in the text of the message itself; due in part, but not exclusively, to the fact that the security of my workstation and its associated cryptography is not judged adequately strong for such purposes at present.

>>> Bruce Greenblatt <bgreenblatt@directory-applications.com> 10/26/99 09:32PM >>>
As I understand it, the S/MIME spec lets you use any key length that you
want, as long as you have an algorithm OID for it...  So, you can
definitely use 1024 bit keys.

At 03:56 PM 10/25/99 +0530, V KRISHNA REDDY wrote:
>I want the information whether s-mime specification gives us the
>flexibilty to use 1024 bit key length.Actually what is the status of the
>specification regarding key length.
>--krishna 
>
>
>
==============================================
Bruce Greenblatt, Ph. D.
Directory Tools and Application Services, Inc.
http://www.directory-applications.com

BEGIN:VCARD
VERSION:2.1
X-GWTYPE:USER
FN:Robert R. Jueneman
TEL;WORK:801-861-7387
ORG:Novell, Inc.;Network Security Development
TEL;PREF;FAX:801-861-2522
EMAIL;WORK;PREF;NGW:BJUENEMAN@novell.com
N:Jueneman;Bob
TITLE:Consultant Engineer
ADR;INTL;WORK;PARCEL;POSTAL:;PRV-F331;122 E. 1700 South;Provo;Utah;84606;USA
LABEL;INTL;WORK;PARCEL;POSTAL;ENCODING=QUOTED-PRINTABLE:Robert R. Jueneman=0A=
PRV-F331=0A=
122 E. 1700 South=0A=
Provo, Utah  84606=0A=
USA
LABEL;DOM;WORK;PARCEL;POSTAL;ENCODING=QUOTED-PRINTABLE:Robert R. Jueneman=0A=
PRV-F331=0A=
122 E. 1700 South=0A=
Provo, Utah  84606
TEL;HOME:1-801-765-4378
TEL;CELL:1-801-361-1410
TEL;PREF:1-801-861-7387, 1-800-453-1267
X-GWUSERID:BJUENEMAN
END:VCARD

S/MIME Cryptographic Signature

Follow-Ups:
- Re: S-MIME key length
  - From: Dennis Glatting <dennis.glatting@plaintalk.bellevue.wa.us>

Prev by Date: Re: s/mime certificate format
Next by Date: RE: Working Group Last Call:draft-ietf-smime-certdist-04.txt
Prev by thread: Re: S-MIME key length
Next by thread: Re: S-MIME key length
Index(es):
- Date
- Thread