
RE: S/MIME v3.2 IDs key size text



Paul,

These sound reasonable. To resolve the 2nd comment I'm deleting the
sentence, which Tony also commented on.

spt

>-----Original Message-----
>From: owner-ietf-smime@xxxxxxxxxxxx 
>[mailto:owner-ietf-smime@xxxxxxxxxxxx] On Behalf Of Paul Hoffman
>Sent: Wednesday, March 19, 2008 4:43 PM
>To: Turner, Sean P.; ietf-smime@xxxxxxx
>Subject: Re: S/MIME v3.2 IDs key size text
>
>
>At 3:07 PM -0400 3/19/08, Turner, Sean P. wrote:
>>In 3850bis, the update is to section 4.3 (this is the only sentence 
>>that refers to key sizes):
>>
>>(old) Key sizes from 512 bits to 2048 bits MUST be supported.
>>
>>(new) Key sizes from 1024 bits to 2048 bits MUST be supported.
>
>This is about verification, not about signing. Why should we 
>increase it from 512 bits? I support leaving it as in RFC 3850 
>at 512 bits.
>
>>
>>In 3851bis, the update is to section 4.1:
>>
>>(old) If an S/MIME agent needs to generate an RSA key pair, then the
>>S/MIME agent or some related administrative utility or function SHOULD
>>generate RSA key pairs using the following guidelines.  A user agent
>>SHOULD generate RSA key pairs at a minimum key size of 768 bits.  A
>>user agent MUST NOT generate RSA key pairs less than 512 bits long.
>>Creating keys longer than 1024 bits can cause some older S/MIME
>>receiving agents to not be able to verify signatures, but gives better
>>security and is therefore valuable.  A receiving agent SHOULD be able
>>to verify signatures with keys of any size over 512 bits. Some agents
>>created in the United States have chosen to create 512 bit keys in
>>order to get more advantageous export licenses. However, 512 bit keys
>>are considered by many to be cryptographically insecure. Implementers
>>SHOULD be aware that multiple (active) key pairs can be associated
>>with a single individual.  For example, one key pair can be used to
>>support confidentiality, while a different key pair can be used for
>>authentication.
>>
>>(new) If an S/MIME agent needs to generate an RSA key pair, then the
>>S/MIME agent or some related administrative utility or function SHOULD
>>generate RSA key pairs using the following guidelines.  A user agent
>>SHOULD generate RSA key pairs at a minimum key size of 1024 bits.  A
>>user agent MUST NOT generate RSA key pairs less than 1024 bits long.
>>Creating keys longer than 1024 bits can cause some older S/MIME
>>receiving agents to not be able to verify signatures, but gives better
>>security and is therefore valuable.  A receiving agent SHOULD be able
>>to verify signatures with keys of any size over 512 bits.
>
>I fully disagree with "MUST NOT generate RSA key pairs less 
>than 1024 bits long". A signature that is of little value that 
>is only supposed to last a week is fine at 512 bits.
>