On Tue, 17 Aug 2010, Steven Bellovin wrote:
They also suggest that a 3-4 year phase-out of 1024-bit moduli is the proper course.
Note that this is because they take into consideration that secrets have to be unbreakable for decade(s), which is not the case for all uses of RSA. For example in DNSSEC, a key can be rolled in a matter of hours or days. Paul --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com