[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: S/MIME v3.2 IDs key size text

To: ietf-smime@xxxxxxx
Subject: RE: S/MIME v3.2 IDs key size text
From: Paul Hoffman <phoffman@xxxxxxx>
Date: Fri, 2 May 2008 14:43:47 -0700
In-reply-to: <E1Jrznz-0005zT-Rs@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
References: <E1Jrznz-0005zT-Rs@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-smime@xxxxxxxxxxxx


At 6:16 AM +1200 5/3/08, Peter Gutmann wrote:

"Turner, Sean P." <turners@xxxxxxxx> writes:

A receiving agent needs to be able to verify signatures whose key length is
chosen by the signer. For interoperability, a receiving agent MUST be able to
verify signatures whose key length is 1024 bits or shorter.


[...]

Receiving agents are only required to validate signatures that are the same
length as sending agents are required to produce, namely 1024 bits.


Aren't these mutually exclusive?


Yes; that's why they are in separate sections.

(The "or shorter" attached to the "1024" is also going to prove problematic
with FIPS-evaluated crypto implementations, since you can't do < 1024 bits for
those).

That's just plain wrong. Nothing in the FIPS evaluation says that youcannot verify signatures shorter than what they require.

Follow-Ups:
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.
- RE: S/MIME v3.2 IDs key size text
  - From: Peter Gutmann
- RE: S/MIME v3.2 IDs key size text
  - From: Luther Martin

References:
- RE: S/MIME v3.2 IDs key size text
  - From: Peter Gutmann

Prev by Date: RE: S/MIME v3.2 IDs key size text
Next by Date: RE: S/MIME v3.2 IDs key size text
Previous by thread: RE: S/MIME v3.2 IDs key size text
Next by thread: RE: S/MIME v3.2 IDs key size text
Index(es):
- Date
- Thread