Re: RSA vs. DSA MUST



"Bonatti, Chris" wrote:
> 
>     Reading through this thread, I am astonished at a couple of apparent truisms that are emerging from the various earnest statements made.  These are (employing a little editorial license):
> 
>    * The implementation cost of DSA/D-H/3DES was acceptable when RSA was patented, but now that some of us have actually built/tested this the cost has gone up into the "too high" range.
> 

I'd say in the DH case (and to some extent DSA) there's the issue of how
practical it is. The only DH certificates I've ever seen were in the
S/MIME examples draft. I suspect there are problems with the parameters
but despite repeated queries I never found anyone who could
independently check them.

If public CAs issuing DSA certificates are rare then I'd say CAs issuing
DH certificates are virtually non-existent. Does anyone know of a single
example?

It's all very nice adding support for DSA and DH but if users can't get
any certificates from public CAs then their value is severely limited.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: shenson@xxxxxxxxxxxxxxxxxxxxxxxxxxx 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: drh@xxxxxxxxxxx PGP key: via homepage.