IETF Logo Mail Archive

[Dcrup] draft-ietf-dcrup-dkim-crypto-00

"Mark D. Baushke" <mdb@juniper.net> Fri, 19 May 2017 11:58 UTC

Return-Path: <mdb@juniper.net>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 529D112EBC4 for <dcrup@ietfa.amsl.com>; Fri, 19 May 2017 04:58:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.022
X-Spam-Level:
X-Spam-Status: No, score=-2.022 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VSFENffflmgw for <dcrup@ietfa.amsl.com>; Fri, 19 May 2017 04:58:29 -0700 (PDT)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0106.outbound.protection.outlook.com [104.47.41.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F45312EBD5 for <dcrup@ietf.org>; Fri, 19 May 2017 04:51:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=HC2SuYVVKR9PvEmMRoCnZSkr6Awy+t1bKHMIyu5RYKE=; b=PPegKdRjjK4RqMFG6kbz8oEFqmknxkLx/0sKoLj13ytd7IswUwVsUAdlQSSABlAiZH1HBls+69xlnwuJv6/JSx28S9m6vcv+pvK1T1SF2OmK7cV15/FypE7J8CzLb/A09yG+tG2/R09+wm8zskwKfJ3EH0G50BJ2AEZWbpmEYmg=
Received: from BY2PR05CA035.namprd05.prod.outlook.com (10.141.250.25) by BY2PR05MB1974.namprd05.prod.outlook.com (10.163.32.152) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1101.8; Fri, 19 May 2017 11:51:50 +0000
Received: from CO1NAM05FT015.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e50::207) by BY2PR05CA035.outlook.office365.com (2a01:111:e400:2c5f::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1124.5 via Frontend Transport; Fri, 19 May 2017 11:51:50 +0000
Authentication-Results: spf=softfail (sender IP is 66.129.239.12) smtp.mailfrom=juniper.net; akamai.com; dkim=none (message not signed) header.d=none;akamai.com; dmarc=fail action=none header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.12 as permitted sender)
Received: from p-emfe01a-sac.jnpr.net (66.129.239.12) by CO1NAM05FT015.mail.protection.outlook.com (10.152.96.122) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256) id 15.1.1075.12 via Frontend Transport; Fri, 19 May 2017 11:51:49 +0000
Received: from p-mailhub01.juniper.net (10.160.2.17) by p-emfe01a-sac.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Fri, 19 May 2017 04:51:48 -0700
Received: from eng-mail01.juniper.net (eng-mail01.juniper.net [172.17.28.114]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id v4JBpmNp010112; Fri, 19 May 2017 04:51:48 -0700 (envelope-from mdb@juniper.net)
Received: from eng-mail01.juniper.net (localhost [127.0.0.1]) by eng-mail01.juniper.net (Postfix) with ESMTP id D6F391144E; Fri, 19 May 2017 04:51:47 -0700 (PDT)
To: dcrup@ietf.org
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Fri, 19 May 2017 04:51:47 -0700
Message-ID: <71169.1495194707@eng-mail01.juniper.net>
Sender: mdb@juniper.net
MIME-Version: 1.0
Content-Type: text/plain
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report: CIP:66.129.239.12; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(39450400003)(39410400002)(39400400002)(39840400002)(39850400002)(39860400002)(2980300002)(9170700003)(48376002)(50986999)(110136004)(356003)(6916009)(5003940100001)(6266002)(50466002)(230783001)(53936002)(117636001)(76506005)(53416004)(55016002)(6306002)(7846003)(966005)(8936002)(77096006)(54356999)(2351001)(106466001)(105596002)(6392003)(38730400002)(2906002)(8676002)(86362001)(2810700001)(478600001)(5660300001)(81166006)(189998001)(305945005)(7696004)(7126002)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR05MB1974; H:p-emfe01a-sac.jnpr.net; FPR:; SPF:SoftFail; MLV:sfv; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; CO1NAM05FT015; 1:SDnijDNactcmcFIjnoH+V0oaNGhWafrD1n7QU72caPWQfMqPH9vXtDPoFN2MtigK/n6pISbc64Ov89uAuZK7NegLzaEgkvh1ZOAHyMoR1IXe8UPnXy333wVQWyEbTsXs5wA60xt3Zt+Z+lPytH1ieQjqFZcrPltQdnz3uljSp58YpzqUmBkZ58FPTWP2AK+Ds/+3RUQSL3wnOUzRpYMX0l50ZKeSca4/knlqgUaPev0I4jKH81g+hX6n0eISHNrv8pTWMdzrYM+QMdxLJWJx6vcLJvmcDQU6dwe7Z/NgezPmxbIFq7S0dL9f7WEH+jOCFtNwKKdXyJNguoCCqwpdwlo9H8kpxijstvsvaMbwtf94ocOvvnuD4SaFErzRRybIIQFpAhf/KLDep8Qz1FLlBzIew57N8Xx5CDRkI/WZ2yqv3Lezu9yOOCjzDQktU8Qa5FtM0U8rjSgbl0uLf0VDgOw4jdWY+71mQVgLIhtb7m67oM/acYEYiFcfzusWWb2aZqZSb+iEYItH3wjlYBo0O1zXTRhWJPut9nrofrL4TeRUZDiv6msIo+IRnjEGONCQ63r9MGzEHcRKHTYTlcM0Fa9FZDM/5FGF3OVjxxJJ/Z8=
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BY2PR05MB1974:
X-MS-Office365-Filtering-Correlation-Id: 78f7c0f2-92fa-44da-5f40-08d49ead6f60
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081); SRVR:BY2PR05MB1974;
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 3:wvM7BGbl9qA0ZccnX8tCLO37ROwvOUMtSovOZ7c7C6XDbQaronfcr0kcbbVdfiEeWGofTWLzE9ZYeie0CFe3IM5H2G//RTqQgrpJSUHfLLOJejWH2BkWX5lZhGSivWMsWGN2CKIo9XLXlVhRQEcd5mDk8Er11hZCOLC9GhyX8umjKzDYFAEXqLQc7qz7IQrRlroBbG+xrxLLdVGkVJgHNRrgpmmhXfWzX0Sa5HNGM9O+tXnk/9sPanB3oCmwtMN01xJ8HTg9VpMtkVBVo3CpygH0VNo66IdV9Xrsaq6rjjP2aVbgUNGp2RMx3GHbNZe8lVSnBe9OMmEDU67Twq9pkETO6xcqWYy/kj04IiPkTUVXOMH2+PgyGkrCgVJDRbq7jPVFUSWsptCIvag3vFWoKuuio1sQow7Vd+Re0qZ3f1085h3Fg88jRz10c4s+7kHwHRPvuM1XiuqC0hRIDYu+og==
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 25:kcfTNk8jEJiPJGgFtfaYmnm0fZV1cNPjipzSP8MC23QQUim7UffzHyiAH08CFM76/xxXOGQsEVjC7Hn/ZnFgaLXzhYanRVjIAi9LiiheqkRhAypXFPG4CF5RxTcrdj6wmMNmtSFdUmVbCUOgoorkfRVI3E1k6Kh31hDgCtv6p/+0a/GPctNt54yLaZBhBou1PikGAp7ARH0YpmdXt8EHmFrcescZ0FHs5gydQDtgDPfDkLVmnY0XyxatlQMdrcCZaMY59HgKwyRpAE6DjIZ9K7dy4zha4/caPeMjuPE17q9DP2LijXuuxx2lYaDjrcghhqSI23rGE9PkfNx03jL7MLF6Y7UKobynW9Hn86IpT4fbeEDnibyOesTNWCYTlXMG1/BzvcCZTiZkH/wTcp/GP+du5cBVJDwRoRd7B5u7ieY9Yz7ttSPfFgDIPctaTTld0fmhPwUOOqualA48AcNGpJEHoICELp352zh1kgpwW2I=; 31:29PWaEFkHf1JZeATd6a98vCchow7vCn/Zxki/s1PutoYTQ29sVCVjoxcSBeWTm58+6l3sHLfGsL1IHu9u+P4yFUjJnrOElb3Oz58Folp6BIELV16aecr+Ogxl8xGjE+VD3/khMN7VYjY7O3s5WoYLzLKtl6BThWIbVp0ae10eeIrvlMS3FSB4Iiihrz+OOggqi75gsSDKOjTHwWRTgkSui3w8kPaMP2BMmo5A9idbuoIzXYwQHDcgfPXsgghMrmlKhDBCt0kyNGraIN0NYpGcQ==
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 20:657YzeHd+j3PheYwwWNk0w6EbOyEOffD8QJ/43MubBuGRLVRtPOYkShSRhcvck0UYaovC8cipU/FV8IA4Xkpi44KUxh10jBSpnvEva0KdXPJh0uqA1t/kA4cj0jMPPddHCTLG43WixZNCdV1Ai2b6cjoTGvzcWGOh3WOMhp0vvMU5UToVV77lpV7tSq5kxT/vrWxNJe+VCzExbKjBZbxHcVWwnM6ghEfV55P+c46fBLXWpAuYmZLKSsVo0W+tMeBMBN20kCQZwFf1BlKrslxBRa2GUv8uTcA1foW8khyeeerSHo0XLfJ/HDs0uJInZVVu7jzY2/vJMDVLk79NZ0Yno4RmtfnOA3E7uIpAtULljPE/t/Gbb3nmN1/t/2WyNAuZl5vcvq4LQSBBRp6JUgSYefr8WUAWjTmCmo78AR94VxbQXOJwKOX1R58N6vQ3U6lJOdY3ivF6YoVvCs6z7w4kV5tSC/4iY49UOq0+kfXeweksyCxQ9u+PK/z7KEMnTr3
X-Microsoft-Antispam-PRVS: <BY2PR05MB19749978B312F8766254EAF8BFE50@BY2PR05MB1974.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(76576733993138)(165104125076784)(120809045254105)(177329092695168);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(5005006)(13017025)(13015025)(13024025)(13023025)(8121501046)(13018025)(3002001)(93006095)(93003095)(10201501046)(6055026)(6041248)(20161123558100)(20161123562025)(20161123555025)(20161123564025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148); SRVR:BY2PR05MB1974; BCL:0; PCL:0; RULEID:; SRVR:BY2PR05MB1974;
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 4:jPxHYhUr5balxX+Cijwkapyhfjz1oQmE1Q0wB4Rbehp/KCkvNh94wiU8v8ExZY9qX9OxrqbgjYBeupqS810H7bSqjGomFmxO7f/ihrxOvV6BJZ4cHr1FkPhPqjeuFTDabUxqL4huiWIbGzFRQMqdTHGi7ESY4eufHsg4Es37+CcVf0ObhKMyJCW35mo0cct56+XxgqwjVfkdT+7MxuYSMZGcuGqB7sU4hyHudDs5upFW9MHtMOUHjBEF7uggt8koqBSPObpnDD1T4MagJstezks0YvWUclINnjebIpo5i2vhF68mqGRtbl6aYrSFZMWuqYdEmXlFy7qTgPKW/EITMrV4yHx6icHo4Me9zw6SLB7ATVx6V+PVqXUHHmD3/VlugIWMVKAYBNwxLWbbetVkVZTzzyzwGq5Lb0l4UCKZjpsnBPLU93vjgwioP64nJYtlxFzdtUWk01G1T3KOru/JlwLPRZoGZap+UAdBjOYrYytMozbM5dHmPvE7BLzhdP3lAZdMbu5kpe36484wVnSCny2LZPM3FU+XbVnFycYfdy7BknwMyboBNCe70wJcu5Yy1bCC8ArS3vXO/th4PGviAe5+xOWyMb++i2bNKFmNUq5slA6Hm00kD6T2lPTNgWZRBtIURZ2pXaHpd2mA2oadrsC3SVPyuriwEJzr/EbNbF8VyZaB+x729QnVJwJxcXNpkfZ9/j0N3y5JodxuKKMUB6JmGvLQZ9lQxepcdKMJMy11GNV9vUTfcHKCKUdCqpLKp/76FjWZNmLAHRdWkZONPrcHd9Ex1pe4LZGKT0o2LztCA51U4ERSLDfqncJDKQNFd7OnFQF4PCA2bbh7SmM/5PpzJ3Ccz+QmsGfESZMRSv9It+lB5GbTh6IFf0CUtowB1xrfXMkMWYX33ywcPzELbv2clxB7FY9pQukG/Bq7I4hsOyNxVkyep5IN3dFjZfGx8AloVJnbfiFrnTo+AGnAeKyQYVt/BwKKiJhtshfQaLhAQEO+Y3Riij3zKqgmZzBMHoMWMtlyT5GinLW1pTSTfCpD5U+9vIR6OQVYqtggwJI=
X-Forefront-PRVS: 031257FE13
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 23:Ys9AqzywB415x5Ukv2eBVbJ7AzA9bpcxH38pj4TdT1w1n4J1RiIAk6zb8a+zQokCGuO8gBiHXaHSqQCqUocThnLhVLUTLZ0G/5y9Ppg1TdHQTyjaqUKIdjScE0LCo2Gr1NEJleZBHDeWmV/vqdNOXWqqtFFRECVmcfmb1ITQAKdAHv+nVSKwKeh5tkGsi1hYXc+rkLQBnlk2/PazeyyL6u3UKrFAVclTdEHsbrO/2Bg1kOE4jngcLlukpM0Crigwkfk0G976pGwGO4AAIiyzNMBjvRAcZ7rQdqt+XHTd4U+H6ghwTZwJB0alK7wroLw+ZCRe3vUSTYjZsbW/9iyT8wFQ6ygprWZ2W3LUyft2JYlspe2ZKRZ7GHOYEC9trwI5P/pKpPJ+a2dpllii/YnQiRcH+bF63C26pQy6jh2arJbhnSgVU4fzbfyoPUZa851zAyynUJWxDe60ZOi/M76KKlBfCizrs5t/dLoWl9BSrrrw1oSuTpP/5K3+7s+e6dWtLBbG726SQBIQpuxgVnf+yllwUWQJnNt2eqFhFR7XD+o9DzzCTzAUlPo2hmuYR2R+sVYCVFzbDhWzpt7seuEWqXqNvt2pdLiChqumfZRe8+PzX0R8aCqSJJpfd4ztY4vUS90FhYQmGHuBX/Q6ABg2L2IyszosJfLpiUDB4b3HemvTs/jDMX+3aU8VqjUVPDUyn3fwDoeWEgBjOHg9M4u5PrUBpwcCnRP/b3MoRRkcAvbeWSeqA1OkI94y5nyrDKaQ4JZ38UUKLywXN1Czpn+Cyam0ZOjnjwN9GUTmK3AkQO1UnAQyqnZEVxb2RdHo2Q0cZWYVsjXFrU/Whz7Lopjp71o38Ppoo3RTJeIibzTTjtNil9NqHbA9GBjEOiiGT+4NL0R4J+kflZhy/Ibot/frmelRckoupGGd6Qlqgan0YYVYvTZbH84fR8lPcCYCvjjxF8jB/fIVLKjv4Ov2CBBeA3XWn0IZuACqE0HZIALHj9BaUkRUfRdY7fRUnBOe1Jtt1wz4xPFHAyktqwGyxfmr5XbhsY4PyFHL5eOCAP/DLAjmXILvYCvM6zIyI2k34o6YlTt8rYq3Fg70fnb7NUJGm0TE15m8yKOcOExIoPzUOHn+wATYJrtJPULwDhz6idgSZZceBb02EcJbLo0TVL66Tw==
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 6:ejA0tbss6T+bM9UUiEh0C2xHo2Ic4EfzpoiBeozHCz6dv+pz6HJs+cMJ9yH26EA7CWcGdEGDehIj2xHkucFwdhi5FSEd0pLJdiKyBMPGjYZCfGdg2H3PqKEC/bl+5KKH7X1ylB6L47lFQkN/KeTYhPd0IcOYbHVj6H3AGnMz/7FhKXILyye7EQrhVo0POr7kJiC6eID8ZFC8SXI4MPNry76ful4qJ9kI3ukXLrlTPnRZ743cC5jb0+STOD1i0OKkBk5YUnlxm4PNhSaX0VT8vbeP8znajfzkXWTVkp6Z93ehxzVZrx1ty160Q6gl4IfSIWt4VsSL/SYNSjdYXs7Qp/yIrR/o89Lwd3LCVolxs4sAIFvE3nT2L1tIqFSvWN/ONyNeA8bI9qTMMnncwBgyOXPvcup3N5q9o/aYIWVTmLv8ZwW6Lw5wu/msDVH6/MMgvQqpfqxVA3BUl387CW4Y0cQJYSPUjxWE/+QNuC3mcbTKEpm9j22GTBhDkENLwLucEt3o17u7Y6ef272BkpraUIAQRgmbaAuWVsp1b4lPip8=; 5:SElj5sAUqbO7OxFl50wuv1EE/pTuXmJ/wu003+vanXzagWhW+Fi8g0bjCkA+KciTIWPKDc0JQK9UpLkzl0XeWNkFGeSKrWNz+FJKb9+SQ3QY+YLIMUt1/xRZETx7s2cTNOShoAJu9Q65Ayolt5B7bg==; 24:tewG0/Dj/jmG4zX8Mrkuvv55+8eAdhFuIS1yLIY/TQWa5JhLrXNc62sv6RJhKql812lc4dqo/qCWBa8ypKdMvamtiwzklZRUY7karMcAeDY=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB1974; 7:Y7cvgXUTQKqtCXPELPoSRpJX81+aDXDmNuH1lreD8bf4QITV7UeMKZUYMymHPIlzblg6o9xGjJ64SpK12szCCtdwy5B2/z6QRDDUMBnNPAc78N1BSmIEfRGw43NL0/WfT83WBcrNrTnAZrncyzqgHAzrK40A4yyC05mATiDPc+k4fVX5rjglVMw5edfNU3obD+nWKPnHiQ/0SKzN0O1b/i6KLjD/wBkKHc8kLvnWceG/eDSqHEZpjm1Q3UPu5FLATnurQRPbAC6Oh4JXtTeYCfsf18eD3ihjBRAer4wgMMbNZiQXW+2sS9oSUgqP65xoNY1EAto+zXZAZw19hGvFDw==
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 May 2017 11:51:49.8488 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.12]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR05MB1974
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/-d0qtW7f0tcjzs1VjAUfubkeImo>
Subject: [Dcrup] draft-ietf-dcrup-dkim-crypto-00
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2017 11:58:31 -0000

Hi,

I suggest that 2048 bit RSA be considered the minimum key size.
Samller sizes are not really safe these days.

In any update of RSA, you really need to determine if your RSA keys will
be using RSASSA-PSS or PKCS#1 v1.5 padding and be careful in the
signature verification methods being used as well as specifying the use
of the SHA2 hash to be used if the key size is greater than RSA 3072
which is the largest that should probably use SHA2-256. RSA key sizes in
excess of 3072-bit keys may want to consider SHA2-384 or SHA2-512
hashes.

I note that you are suggesting signing using ECDH and wonder if you
intended to specify ECDSA or EdDSA as a way to digitally sign using
Elliptic Curve methods as generally ECDH is used for key agreement
protocols.

In section 5, you ask

[[ is there any reason to allow or require RSA keys longer than 2048 ? ]] 

I do not believe that this is required today. However, it will probably
be true in a short number of years.

The IETF CURDLE (CURves, Deprecating and a Little more Encryption) WG
has a few drafts you may wish to read such as

  draft-ietf-curdle-cms-eddsa-signatures

For this draft and others, you may visit:

  https://datatracker.ietf.org/wg/curdle/documents/

An informative reference for your consideration:

The National Institute of Standards and Technology (NIST) Special
Publication 800-131A [800-131A] disallows the use of RSA and DSA keys
shorter than 2048 bits for US government use after 2013.

  http://dx.doi.org/10.6028/NIST.SP.800-131Ar1

Another informative reference:

  Fault-Based Attack of RSA Authentication
  Andrea Pellegrini, Valeria Bertacco and Todd Austin
  http://web.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf

I hope you find the above information useful.

	Enjoy!
	-- Mark

v2.23.0 | Report a Bug | By Email