
Re: S/MIME v3.2 IDs key size text



On Tue, Mar 25, 2008 at 09:34:02PM +0000, Dr Stephen Henson wrote:
>  It isn't merely a key size issue. A signature using a 16K key and a small 
>  public exponent (such as 65537) can be verified using far less
>  effort than one with a 16K public exponent.

Based on this and Paul's comments, I think that there are definitely two
separate issues:

1. Guidance for interoperability (MUST / SHOULD for keylengths)

2. Security considerations (don't bite off keys bigger than you can chew)

Unfortunately, this opens up a new can of worms for the security
considerations -- how do you specify the right combination of exponent and
modulus values for RSA that are a problem? Is there a similar set of
giant parameters that might be used with DSA?

Blake
-- 
Blake Ramsdell | Sendmail, Inc. | http://www.sendmail.com
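
Added example, not part of the original message or of any S/MIME draft: a rough cost model showing why a verifier's limit has to consider the modulus and public exponent together rather than key size alone. The function names, the 64-bit limb size, the schoolbook (quadratic) multiplication model and the budget value are all assumptions made for illustration.

```python
WORD_BITS = 64  # assumed limb size for the cost model


def modmul_count(e: int) -> int:
    """Modular multiplications in left-to-right square-and-multiply for s^e."""
    if e < 3 or e % 2 == 0:
        raise ValueError("RSA public exponent must be odd and >= 3")
    squarings = e.bit_length() - 1        # one per bit below the top bit
    multiplies = bin(e).count("1") - 1    # one per set bit below the top bit
    return squarings + multiplies


def verify_cost(modulus_bits: int, e: int) -> int:
    """Estimated word operations: modmul count x limbs^2 (schoolbook model)."""
    limbs = -(-modulus_bits // WORD_BITS)  # ceiling division
    return modmul_count(e) * limbs * limbs


# Hypothetical budget: cost of verifying with a 16384-bit modulus and e = 65537.
MAX_COST = verify_cost(16384, 65537)


def check_key(modulus_bits: int, e: int, max_cost: int = MAX_COST):
    """Return (accepted, cost), judging the (modulus, exponent) pair."""
    if e.bit_length() > modulus_bits:
        return (False, None)               # PKCS #1 requires e < n
    cost = verify_cost(modulus_bits, e)
    return (cost <= max_cost, cost)


if __name__ == "__main__":
    # Constructed inputs: exponents chosen only for their bit length.
    samples = [
        ("16K modulus, e=65537", 16384, 65537),
        ("16K modulus, 16K-bit e", 16384, (1 << 16383) | 1),
        ("2K modulus, 2K-bit e", 2048, (1 << 2047) | 1),
        ("1K modulus, 1K-bit e", 1024, (1 << 1023) | 1),
    ]
    for label, bits, e in samples:
        ok, cost = check_key(bits, e)
        print(f"{label:24s} cost={cost:>12} {'accept' if ok else 'reject'}")
```

Under this model a 2048-bit key with a full-length exponent costs more to verify than a 16384-bit key with e = 65537, so a modulus-size cap alone does not bound the work.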