Re: RFC: DSA key lengths; Elgamal type 16 v. type 20
disastry@saiknes.lv Mon, 26 August 2002 12:54 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA07568 for <openpgp-archive@lists.ietf.org>; Mon, 26 Aug 2002 08:54:03 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g7QBHG023613 for ietf-openpgp-bks; Mon, 26 Aug 2002 04:17:16 -0700 (PDT)
Received: from hackserv.saiknes.lv (hackserv.klinkmann.lv [195.2.103.8]) by above.proper.com (8.11.6/8.11.3) with SMTP id g7QBHE223607 for <ietf-openpgp@imc.org>; Mon, 26 Aug 2002 04:17:15 -0700 (PDT)
Received: from saiknes.lv (unverified [195.2.103.8]) by hackserv.saiknes.lv (SMTPRCV 0.45) with SMTP id <B0001603622@hackserv.saiknes.lv>; Mon, 26 Aug 2002 13:11:58 0200
Message-ID: <3D6A0CFE.B5941F78@saiknes.lv>
Date: Mon, 26 Aug 2002 13:11:58 +0200
From: disastry@saiknes.lv
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: RFC: DSA key lengths; Elgamal type 16 v. type 20
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Brian M. Carlson wrote: > I'd like to nitpick for a second. Section 12.6 states, "Note that present > DSA is limited to a maximum of 1024 bit keys, which are recommended for > long-term use." Actually, it is DSS (the *standard*), not DSA (the > *algorithm*) that is limited to 1024 bits. I'd like to suggest that we > replace that sentence with, "DSA keys SHOULD NOT exceed a size of 1024 > bits." This way, we can maintain backwards compatibility and compliance > with DSS, while providing adequate security for people who really want > it. Might I point out that IEEE P1363 allows for DSA keys longer than > 1024 bits, so there is precedent in the cryptographic community. there is precedent before that: PGP5.5.3 can use up to 2048 bit DSA keys, but can not generate them. PGP5.5.3ckt can use and generate up to 2048 bit DSA keys. PGP6.5.8ckt can only use 'em. __ Disastry http://disastry.dhs.org/ -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1 iQA/AwUBPWnwxzBaTVEuJQxkEQOgnACg7VFNSR9CZV1x4w43hTW79t0LdbQAn2ad XG9yy4r9EVZ2NwO0B5q0qCNe =dX42 -----END PGP SIGNATURE-----
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… Werner Koch
- RFC: DSA key lengths; Elgamal type 16 v. type 20 Brian M. Carlson
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… Jon Callas
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… disastry
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… Len Sassaman
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… Jon Callas
- Re: RFC: DSA key lengths; Elgamal type 16 v. type… Brian M. Carlson