Re: [saag] Don't use short keys...

SM <> Thu, 25 October 2012 00:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5E0831F0C4C for <>; Wed, 24 Oct 2012 17:04:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.588
X-Spam-Status: No, score=-102.588 tagged_above=-999 required=5 tests=[AWL=0.011, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 89XDSDsmCalD for <>; Wed, 24 Oct 2012 17:04:34 -0700 (PDT)
Received: from ( [IPv6:2001:470:f329:1::1]) by (Postfix) with ESMTP id C02FC1F0419 for <>; Wed, 24 Oct 2012 17:04:34 -0700 (PDT)
Received: from (IDENT:sm@localhost []) (authenticated bits=0) by (8.14.5/8.14.5) with ESMTP id q9P04Uik027274 for <>; Wed, 24 Oct 2012 17:04:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail2010; t=1351123474; bh=BSF5xTzV2jX5BLPTscTWaiaE4Fk8ZVOZ9V3uE4xmTCQ=; h=Date:To:From:Subject:In-Reply-To:References:Cc; b=TMCP38/C3roO9B90c6ta/NWiV3J6ImxVuWiVu1JJV692Fl3XRiolisJ7vPyVPDOwl iR6GyM+og4huFmWJsZWmV9NkCm9BUgmgXj7dKqnYKVb2P7I8jHvcDTTPf2BU21TjBk pXDb4xhUfTq0fNibghq/Q95ezRv4kMbOsq2dS5IA=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail; t=1351123474;; bh=BSF5xTzV2jX5BLPTscTWaiaE4Fk8ZVOZ9V3uE4xmTCQ=; h=Date:To:From:Subject:In-Reply-To:References:Cc; b=wXjiw6eZU2drs6P/GVOr13zLjeKVsrrko2dx9KcefKhiel6LzzDSNsZHzDBnBp103 t0Uz/8Av6QFqKNhXtVlhAFldZELlmdR26CV1pKBtckAx1Hy0hdD69xth16qUFw9qQv 5Wni8+J1VUI3Z7xb9s0qBmZuUg4vJehdABP9bHkA=
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version
Date: Wed, 24 Oct 2012 17:01:10 -0700
From: SM <>
In-Reply-To: <>
References: <>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Subject: Re: [saag] Don't use short keys...
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 25 Oct 2012 00:04:35 -0000

At 06:53 24-10-2012, Steven Bellovin wrote:

Dan Romascanu filed the following comment about a draft in January:

  '2. I know too little about the operational model of configuring a report
      generator, so I was left wondering how are the first two
      recommendations implemented in practice:

      1.  Select an arbitrary string that will be used by an Administrative
          Management Domain (ADMD) that generates reports.  This string
          will not be changed except according to a key rotation policy or
          similar.  Call this the "redaction key".'

It is unfortunate that security considerations in specifications are 
not given adequate consideration.  Software is installed in fire and 
forget mode [1].  Implementing recommendations such as the above, for 
example, might help remove some of the cruft.


1. I don't claim to be any better.