[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: S/MIME v3.2 IDs key size text

To: <ietf-smime@xxxxxxx>
Subject: RE: S/MIME v3.2 IDs key size text
From: "Carl Wallace" <CWallace@xxxxxxxxxxxx>
Date: Mon, 12 May 2008 10:03:10 -0400
In-reply-to: <ACC9D11D-5092-4594-BB13-2E2A3D3476EC@xxxxxxxxx>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
References: <> <> <> <> <ACC9D11D-5092-4594-BB13-2E2A3D3476EC@xxxxxxxxx>
Sender: owner-ietf-smime@xxxxxxxxxxxx
Thread-index: Aci0NwFQ77XqvYMvQnyonoenqEXKIwAAEz4g
Thread-topic: S/MIME v3.2 IDs key size text

> How about adding a "MUST warn the user that key is too damn short to
be considered safe, even though the 
> signature is valid" clause instead?
> 
> -- Tim

This isn't sufficient for verification of archived email.  A weak
signature may be covered by a timestamp that enables its verification.
This problem should be addressed using something like DSSC.

References:
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.
- RE: S/MIME v3.2 IDs key size text
  - From: Tony Capel
- RE: S/MIME v3.2 IDs key size text
  - From: Turner, Sean P.
- RE: S/MIME v3.2 IDs key size text
  - From: Paul Hoffman
- Re: S/MIME v3.2 IDs key size text
  - From: Timothy J Miller

Prev by Date: Re: S/MIME v3.2 IDs key size text
Next by Date: RE: weak authentication issue with rfc5083
Previous by thread: Re: S/MIME v3.2 IDs key size text
Next by thread: RE: S/MIME v3.2 IDs key size text
Index(es):
- Date
- Thread