[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: Re: IKEv2 Key Size Conformance Requirements
Bill Sommerfeld wrote:
> Unless someone can demonstrate there's a meaningful difference in
> security between a 1022-bit and a 1024-bit key, may I suggest that
> Postel's rule of thumb ("Be liberal in what you accept and
> conservative in what you send") applies here?
>
> - MUST generate keys with moduli which are exactly at these bit sizes
> - SHOULD accept keys with moduli even if slightly smaller than the
> mandatory sizes.
Considering the reality we live i - I second this opinion.