Re: [TLS] draft-ietf-tls-rfc4346-04 available

To: "Eric Rescorla" <ekr at networkresonance.com>
Subject: Re: [TLS] draft-ietf-tls-rfc4346-04 available
From: "Yngve N. Pettersen" <yngve at opera.com>
Date: Tue, 24 Jul 2007 19:36:18 +0200
Cc: tls at ietf.org
In-reply-to: <20070724162842.35D0833C39@delta.rtfm.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Organization: Opera Software ASA
References: <20070708145051.4C2B033C55@delta.rtfm.com> <op.tvy6fydnvqd7e2@killashandra-ii.oslo.opera.com> <20070724162842.35D0833C39@delta.rtfm.com>
User-agent: Opera Mail/9.22 (Win32)

On Tue, 24 Jul 2007 18:28:41 +0200, Eric Rescorla <ekr at networkresonance.com> wrote:

At Tue, 24 Jul 2007 17:25:00 +0200,
Yngve Nysaeter Pettersen wrote:

I think this:
"The client SHOULD also verify that the DH public exponent appears to be of adequate size."
ought to be worded stronger, perhaps something like
  "The client SHOULD also verify that the DH public exponent is of
equvalent cryptograhic strength as the key used to sign the public key."


I actually do not agree with this position. There are valid reasons
to use long signing keys and shorter key establishment keys.


Maybe.

Alternatively, I'd like some guidance about how to determine what "adequate size" is.


--
Sincerely,
Yngve N. Pettersen

********************************************************************
Senior Developer                     Email: yngve at opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01
********************************************************************

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] draft-ietf-tls-rfc4346-04 available
  - From: Eric Rescorla
- Re: [TLS] draft-ietf-tls-rfc4346-04 available
  - From: Yngve Nysaeter Pettersen
- Re: [TLS] draft-ietf-tls-rfc4346-04 available
  - From: Eric Rescorla

Prev by Date: Re: [TLS] draft-ietf-tls-rfc4346-04 available
Next by Date: Re: [TLS] opensource implementations of TLS-SRP?
Previous by thread: Re: [TLS] draft-ietf-tls-rfc4346-04 available
Next by thread: [TLS] GSS-API TLS ID published
Index(es):
- Date
- Thread

Re: [TLS] draft-ietf-tls-rfc4346-04 available

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.