On Fri, 6 Oct 2006, Joe Abley wrote:
This kind of advice regarding specific key lengths and lifetimes seems to change over time -- the key sizes get longer and the validity periods get shorter -- presumably as a result of ongoing research and improved capabilities of the machinery which can be used to break keys.

By specifying absolute values for the algorithm and the key size, this document leaves us only with the validity period, and changing that in many cases is going to involve talking to a customer to reissue a certificate. Talking to customers is expensive.

I would strongly suggest that if absolutely necessary, the key size and algorithm not be fixed, but that a basic compatibility requirement should be set. All of the PKIX working group documents that I've checked through avoid the pitfall of specifying an absolute algorithm/key size - and I strongly suspect that there are far more cryptographers there than here.

3.3.  Signature Algorithm

   This field describes the algorithm used to compute the signature on
   this certificate.  This profile specifies SHA-256 with RSA
   (sha256WithRSAEncryption), and, accordingly, the value for this field
   MUST be the OID value 1.2.840.113549.1.1.11 [RFC4055].

Looking in RFC4055, we find that there are already questions about
SHA-256, given the recent advances in attacking SHA-1:

        [Page 21/22] If a greater level of security is desired, then a
        secure one-way hash function with a longer hash value is needed.
        SHA-256, SHA-384, and SHA-512 are reasonable choices [SHA2],
        although their security needs to be reconfirmed in light of the
        SHA-1 results.

I'd suggest that we refer to a minimum standard (probably as set in one
of the related documents such as RFC4055), and follow the same, standard
means of specifying any 'upwards' improvements in algorithm/key length.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."

_______________________________________________
Sidr mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/sidr
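The message above contrasts two ways of constraining a certificate's signature algorithm: pinning the field to one absolute OID (section 3.3 of the draft), or stating a minimum standard that later, stronger algorithms automatically satisfy. The following is an added example, not code from the thread or from any IETF document: it DER-encodes and decodes the OBJECT IDENTIFIER that section 3.3 requires, then compares an exact-match check against a floor-based policy check. The OID-to-algorithm table uses the real sha*WithRSAEncryption values from RFC 3279 and RFC 4055; the 256-bit hash floor is an assumed policy value chosen for illustration.

```python
"""Added example: DER OBJECT IDENTIFIER encode/decode plus two policy styles
for the X.509 signatureAlgorithm field (pinned OID vs. minimum standard)."""
from typing import Tuple

# Real OIDs from RFC 3279 / RFC 4055, mapped to (name, hash output bits).
SIG_ALG_OIDS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", 128),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", 160),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", 256),
    "1.2.840.113549.1.1.12": ("sha384WithRSAEncryption", 384),
    "1.2.840.113549.1.1.13": ("sha512WithRSAEncryption", 512),
}

# Assumed policy floor (illustrative): reject any hash shorter than this.
MIN_HASH_BITS = 256

# OID the draft's section 3.3 pins the field to (sha256WithRSAEncryption).
PINNED_OID = "1.2.840.113549.1.1.11"


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a DER OBJECT IDENTIFIER (tag 0x06, short-form length)."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    body = bytearray()
    # First two arcs are folded into a single subidentifier: 40*a + b.
    for value in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [value & 0x7F]          # base-128, low group first ...
        value >>= 7
        while value:
            chunk.append((value & 0x7F) | 0x80)  # ... continuation bit on all but last
            value >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not supported in this example")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(der: bytes) -> str:
    """Decode a DER OBJECT IDENTIFIER back to dotted form, rejecting malformed input."""
    if len(der) < 3 or der[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    length = der[1]
    if length > 127 or len(der) != 2 + length:
        raise ValueError("bad length")
    body = der[2:]
    if body[-1] & 0x80:
        raise ValueError("truncated subidentifier")
    arcs, value, fresh = [], 0, True
    for byte in body:
        if fresh and byte == 0x80:
            raise ValueError("non-minimal subidentifier encoding")
        value = (value << 7) | (byte & 0x7F)
        fresh = False
        if byte & 0x80:
            continue
        if not arcs:
            first = min(value // 40, 2)   # 0..39 -> 0, 40..79 -> 1, 80+ -> 2
            arcs.extend([first, value - first * 40])
        else:
            arcs.append(value)
        value, fresh = 0, True
    return ".".join(str(a) for a in arcs)


def pinned_profile_check(der_oid: bytes) -> bool:
    """Section 3.3 style: the field MUST be exactly sha256WithRSAEncryption."""
    return decode_oid(der_oid) == PINNED_OID


def minimum_standard_check(der_oid: bytes, min_hash_bits: int = MIN_HASH_BITS) -> Tuple[bool, str]:
    """Floor style: any known algorithm whose hash meets the floor is accepted."""
    oid = decode_oid(der_oid)
    if oid not in SIG_ALG_OIDS:
        return False, "unknown signature algorithm OID " + oid
    name, bits = SIG_ALG_OIDS[oid]
    if bits < min_hash_bits:
        return False, "%s (%d-bit hash) is below the %d-bit floor" % (name, bits, min_hash_bits)
    return True, name + " accepted"


if __name__ == "__main__":
    for oid in SIG_ALG_OIDS:
        der = encode_oid(oid)
        print(oid, der.hex(), "pinned:", pinned_profile_check(der),
              "floor:", minimum_standard_check(der))
```

Under the pinned rule, a future move to sha512WithRSAEncryption fails validation until the profile is revised; under the floor rule the same certificate passes while sha1WithRSAEncryption is still rejected, which is the practical difference the message is pointing at.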
