Re: RFC: DSA key lengths; Elgamal type 16 v. type 20 Mon, 26 August 2002 12:54 UTC

Date: Mon, 26 Aug 2002 13:11:58 +0200

Brian M. Carlson wrote:
> I'd like to nitpick for a second. Section 12.6 states, "Note that present
> DSA is limited to a maximum of 1024 bit keys, which are recommended for
> long-term use." Actually, it is DSS (the *standard*), not DSA (the
> *algorithm*) that is limited to 1024 bits. I'd like to suggest that we
> replace that sentence with, "DSA keys SHOULD NOT exceed a size of 1024
> bits." This way, we can maintain backwards compatibility and compliance
> with DSS, while providing adequate security for people who really want
> it. Might I point out that IEEE P1363 allows for DSA keys longer than
> 1024 bits, so there is precedent in the cryptographic community.

There is precedent before that:
PGP5.5.3 can use up to 2048 bit DSA keys, but cannot generate them.
PGP5.5.3ckt can use and generate up to 2048 bit DSA keys.
PGP6.5.8ckt can only use 'em.

Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1