[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: S/MIME v3.2 IDs key size text

To: "Turner, Sean P." <turners@xxxxxxxx>, <ietf-smime@xxxxxxx>
Subject: RE: S/MIME v3.2 IDs key size text
From: Paul Hoffman <phoffman@xxxxxxx>
Date: Fri, 9 May 2008 14:40:17 -0700
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
References: <> <> <>
Sender: owner-ietf-smime@xxxxxxxxxxxx


At 12:37 PM -0400 5/6/08, Turner, Sean P. wrote:

Just a thought ... since we've now got a way to indicate + and - with
requirements should we apply it the key sizes in 3850bis?  That way people
will have a hint that in the next update the shorter keys will likely become
not so welcome and large keys more so?

   0 < key size < 511  : MUST NOT
 512 < key size < 1023 : SHOULD-
1024 < key size < 2048 : MUST
2049 < key size < 4096 : MAY

Beyond what Russ just pointed out, I find the first line to be in badtaste. Any IETF spec that says "you must not be able to verify asignature even though it is valid" is pretty offensive.


Can we return to talking about interoperability?

Follow-Ups:
- Re: S/MIME v3.2 IDs key size text
  - From: Timothy J Miller
- RE: S/MIME v3.2 IDs key size text
  - From: Peter Gutmann
- Re: S/MIME v3.2 IDs key size text
  - From: Blake Ramsdell

References:
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.
- RE: S/MIME v3.2 IDs key size text
  - From: Tony Capel
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.

Prev by Date: RE: weak authentication issue with rfc5083
Next by Date: Re: S/MIME v3.2 IDs key size text
Previous by thread: RE: S/MIME v3.2 IDs key size text
Next by thread: Re: S/MIME v3.2 IDs key size text
Index(es):
- Date
- Thread