[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: S/MIME v3.2 IDs key size text
Dr Stephen Henson <lists@xxxxxxxxxxxxxxxxxxxxxxxxxxx> writes:
>I made a study of the use of public keys in a DoS attack a while ago.
I made an indirect study via SSH a few years ago. The client I was using (no
choice, it was corporate policy) froze solid for about 5s doing a 4Kbit key
exchange with an SSH server. When I complained to the server admin, his
response was that the spec allowed up to 4Kbit keys and numerous other servers
were run this way as well, so that's what he was using.
Building the tools for a DoS into the spec, especially a self-inflicted one,
doesn't seem like a good idea. Give a geek a device with controls that go to
11 and they'll set them to 11 and leave them there.