Re: questions: key length & cert retrieve: draft-ietf-ipsec-pki-req-01.txt
Rodney Thayer <rodney@tillerman.nu> Fri, 11 September 1998 01:43 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id VAA26083 for ipsec-outgoing; Thu, 10 Sep 1998 21:43:11 -0400 (EDT)
Message-Id: <199809110057.UAA03917@2gn.com>
X-Sender: rodney@module-one.tillerman.nu
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2
Date: Thu, 10 Sep 1998 21:49:20 -0400
To: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
From: Rodney Thayer <rodney@tillerman.nu>
Subject: Re: questions: key length & cert retrieve: draft-ietf-ipsec-pki-req-01.txt
Cc: ipsec@tis.com
In-Reply-To: <199809102337.XAA08924@orchard.arlington.ma.us>
References: <Message from Rodney Thayer <rodney@tillerman.nu> <199809102051.QAA02975@2gn.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
At 07:37 PM 9/10/98 -0400, you wrote:
>> a 512 signing a 1024 seems insecure, to me.
>
>Not necessarily, if the smaller key is a short-term key and the larger
>key is a longer-term key. An odd configuration, no doubt, but I know
>at least some people like the idea of on-line CA's which give out
>short-term certs...

I can see this argument but some people don't believe in short-term certs (some CA engines have limited capabilities to set how far in the future a certificate expires, for example)

>
>Also, it's not immediately clear how to compare (e.g.) RSA and DSS key
>lengths. It's certainly technically possible to have a cert signed by
>a DSS key which contains an RSA key and vice versa.

good point.

>
>Moreover, the "all keys must be the same length" restriction seems
>tailor-made to prevent the gradual deployment of longer-length keys
>through a network.

very good point. text changed.

>
>For this and other reasons I think the "all key lengths must be the
>same" restriction should be removed from the draft.
>
> - Bill
>