[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: S/MIME v3.2 IDs key size text

To: Luther Martin <martin@xxxxxxxxxxx>, "ietf-smime@xxxxxxx" <ietf-smime@xxxxxxx>
Subject: RE: S/MIME v3.2 IDs key size text
From: Paul Hoffman <phoffman@xxxxxxx>
Date: Fri, 2 May 2008 15:46:21 -0700
In-reply-to: <B870629719727B4BA82A6C06A31C291203064022EC@xxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
References: <E1Jrznz-0005zT-Rs@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <> <B870629719727B4BA82A6C06A31C291203064022EC@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-smime@xxxxxxxxxxxx


At 3:17 PM -0700 5/2/08, Luther Martin wrote:

 > >(The "or shorter" attached to the "1024" is also going to prove
 problematic
 >with FIPS-evaluated crypto implementations, since you can't do < 1024
 bits for
 >those).

 That's just plain wrong. Nothing in the FIPS evaluation says that you
 cannot verify signatures shorter than what they require.
I'm not sure that's accurate. A FIPS security policy is fairly clearabout exactly what keys and key sizes you can use in FIPS mode, andI'm fairly sure that this stops you from using smaller keys in FIPSmode, even to verify a signature.

That's quite different than what I said. In FIPS mode, you may needto only validate FIPS-mandated signatures (there is even somedisagreement about this). However, a FIPS-evaluated system can alsovalidate non-FIPS-mandated signatures, just not in FIPS mode (maybe).

References:
- RE: S/MIME v3.2 IDs key size text
  - From: Peter Gutmann
- RE: S/MIME v3.2 IDs key size text
  - From: Paul Hoffman
- RE: S/MIME v3.2 IDs key size text
  - From: Luther Martin

Prev by Date: RE: S/MIME v3.2 IDs key size text
Previous by thread: RE: S/MIME v3.2 IDs key size text
Next by thread: RE: S/MIME v3.2 IDs key size text
Index(es):
- Date
- Thread