[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: speaking of keys
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "The" == The Purple Streak, Hilarie Orman <ho@alum.mit.edu> writes:
The> You only get about 80 bits of strength from a 1024-bit DH group. That
The> seems insufficient for reasonable paranoids.
Yes.
I'd like to see the 1536 group ("group 5", still in ID queue) as a MUST
in IKEv2, and I'd like to see the next larger group given a SHOULD.
(group 5 is spec'ed as MUST for FreeSWAN-style Opportunistic Encryption,
to support 3DES)
It is very important that we spec something, and that we also suggest where
the failover direction is.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPfEHIoqHRg3pndX9AQFmzQQAsXT+zicDWjynT0zYiEJ85bGNdfv8ssl4
LYg/PI9PcL1xlbz0oW41Lc924fZO5aKsHCNtMN1UpEWg6LLXXkvs0m0hU+0ijIZs
KvGgEfizwdOfAFRw/P1SgjNsSO01YKOh0zSv8M9OgBiYMcN/p5UeQPX0UeYgxZZV
KQpjqLeA12k=
=bm+5
-----END PGP SIGNATURE-----