Subject: Policy-Discussion
List archive
- From: Iang <iang AT iang.org>
- To: Policy-Discussion <cacert-policy AT lists.cacert.org>
- Subject: [CAcert-Policy] [Fwd: Re: 307 digit number factored]
- Date: Tue, 22 May 2007 12:53:30 +0200
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
Curious comment seen on crypto list... 2nd last penultimate paragraph what is CAcert's position on ECC?
iang
-------- Original Message --------
Subject: Re: 307 digit number factored
Date: Mon, 21 May 2007 16:32:10 -0400
From: Victor Duchovni
<Victor.Duchovni AT MorganStanley.com>
To:
cryptography AT metzdowd.com
References:
<873b1q584z.fsf AT snark.piermont.com>
On Mon, May 21, 2007 at 02:44:28PM -0400, Perry E. Metzger wrote:
http://www.physorg.com/news98962171.html
My take: clearly, 1024 bits is no longer sufficient for RSA use for
high value applications, though this has been on the horizon for some
time. Presumably, it would be a good idea to use longer keys for all
applications, including "low value" ones, provided that the slowdown
isn't prohibitive. As always, I think the right rule is "encrypt until
it hurts, then back off until it stops hurting"...
When do the Certicom patents expire? I really don't see ever longer RSA keys as the answer, and the patents are I think holding back adoption...
FWIW, Postfix 2.5 in Q1 08 will have EC support when compiled with (likely officially released by then) OpenSSL 0.9.9, the recommended curve is "prime256v1" with "secp384r1" for "encrypt until it hurts" users :-).
The other issue is that sites will need multiple certs during any transition from RSA to ECC, because the entire Internet won't upgrade overnight. I am not expecting public CAs to cooperate by charging the same price for two certs (RSA and ECC) for the same subject name(s), this also may significantly impede migration.
With EECDH one can use ECDH handshakes signed with RSA keys, but that does not really address any looming demise of 1024 bit RSA.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo AT metzdowd.com
- [CAcert-Policy] [Fwd: Re: 307 digit number factored], Iang, 05/22/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Johan van Selst, 05/22/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Ian G, 05/22/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Johan van Selst, 05/23/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Ian G, 05/22/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Philipp Gühring, 05/22/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Johan van Selst, 05/23/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Ian G, 05/23/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Johan van Selst, 05/23/2007
- Re: [CAcert-Policy] [Fwd: Re: 307 digit number factored], Johan van Selst, 05/22/2007
Archive powered by MHonArc 2.6.16.