Re: questions: key length & cert retrieve: draft-ietf-ipsec-pki-req-01.txt
Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us> Thu, 10 September 1998 23:21 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id TAA25677 for ipsec-outgoing; Thu, 10 Sep 1998 19:21:09 -0400 (EDT)
Message-Id: <199809102337.XAA08924@orchard.arlington.ma.us>
To: Rodney Thayer <rodney@tillerman.nu>
cc: "Hsu, Yung-Kao" <yungkaohsu@lucent.com>, ipsec@tis.com
Subject: Re: questions: key length & cert retrieve: draft-ietf-ipsec-pki-req-01.txt
In-Reply-To: Message from Rodney Thayer <rodney@tillerman.nu> of "Thu, 10 Sep 1998 17:53:12 EDT." <199809102051.QAA02975@2gn.com>
Date: Thu, 10 Sep 1998 19:37:56 -0400
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
> a 512 signing a 1024 seems insecure, to me.

Not necessarily, if the smaller key is a short-term key and the larger key is a longer-term key. An odd configuration, no doubt, but I know at least some people like the idea of on-line CAs which give out short-term certs...

Also, it's not immediately clear how to compare (e.g.) RSA and DSS key lengths. It's certainly technically possible to have a cert signed by a DSS key which contains an RSA key and vice versa.

Moreover, the "all keys must be the same length" restriction seems tailor-made to prevent the gradual deployment of longer-length keys through a network.

For this and other reasons I think the "all key lengths must be the same" restriction should be removed from the draft.

- Bill