[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [resend] Use of DNS to distribute keys

To: kaufman@zk3.dec.com
Subject: Re: [resend] Use of DNS to distribute keys
From: "Beast (Donald E. Eastlake, 3rd)" <dee@skidrow.lkg.dec.com>
Date: Mon, 20 Sep 93 14:23:52 -0400
Cc: pmetzger@lehman.com, pem-dev@tis.com, ipsec@ans.net
In-Reply-To: Your message of "Mon, 20 Sep 93 10:01:59 EDT." <9309201402.AA02037@abyss.zk3.dec.com>


From:  kaufman@zk3.dec.com
To:  pmetzger@lehman.com
>>Make it into a 1024 bit key, the minimum you need for real security,

>I couldn't let this pass.  With our current knowledge, 1024 is about
>the maximum useful RSA key size, not the minimum.  512 bits is plenty
>for most uses.  It is roughly where DES was 15 years ago: perhaps NSA
>can afford to break it but no one else can.  ...

If 1024 is the maximum useful RSA key size, they obviously it would be
a good idea to design a system that could accomodate it, as well as\
smaller sizes.

>...
>	--Charlie

Donald

References:

Re: [resend] Use of DNS to distribute keys

From: kaufman@zk3.dec.com

Prev by Date: Re: [resend] Use of DNS to distribute keys
Next by Date: Re: draft spec and pilot implementation
Prev by thread: Re: [resend] Use of DNS to distribute keys
Next by thread: Re: [resend] Use of DNS to distribute keys
Index(es):
- Main
- Thread