[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: S/MIME v3.2 IDs key size text

To: "Turner, Sean P." <turners@xxxxxxxx>, <ietf-smime@xxxxxxx>
Subject: Re: S/MIME v3.2 IDs key size text
From: Russ Housley <housley@xxxxxxxxxxxx>
Date: Wed, 19 Mar 2008 16:48:25 -0400
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-smime@xxxxxxxxxxxx


Sean:

A receiving agent SHOULD be able to verify signatures with keys of any size
over 512 bits.

This is asking for denial of service attack. What if someone sends acertificate that contains a 64Kbit value claiming to be a public keyand a blob of random bits claiming to be a signature? The amount oftime to check the signature (and probably find that it is not valid)is onerous.

Today, I cannot imagine someone making use of a public key largerthan 8192 bits. Double that it you want to be very future proof.

Russ

Follow-Ups:
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.

References:
- S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.

Prev by Date: Re: S/MIME v3.2 IDs key size text
Next by Date: Review of RFC 3278 Update
Previous by thread: Re: S/MIME v3.2 IDs key size text
Next by thread: RE: S/MIME v3.2 IDs key size text
Index(es):
- Date
- Thread