- From: Anil Saldhana <Anil.Saldhana@redhat.com>
- Date: Wed, 05 Sep 2007 12:57:22 -0500
- To: "public-wsc-wg@w3.org" <public-wsc-wg@w3.org>
Yngve, these references have been incorporated into the editor's draft. I am leaving it to tlr to come up with the text where these references need to be cited. Regards, Anil Yngve Nysaeter Pettersen wrote: > > Hello all, > > Here are the document I suggest we should reference about keysizes: > > * NIST: http://csrc.nist.gov/CryptoToolkit/kms/SP800-57Part2April2005.pdf > base reference: http://csrc.nist.gov/CryptoToolkit/tkkeymgmt.html > > * The ECRYPT Yearly Report on Algorithms and Key Lengths: (2006 > edition) http://www.ecrypt.eu.org/documents/D.SPA.21-1.1.pdf > Main page: http://www.ecrypt.eu.org/ > " European Network of Excellence for Cryptology is a 4-year network of > excellence funded within the Information Societies Technology (IST) > Programme of the European Commission's Sixth Framework Programme (FP6)" > > I think the should be a suggestion that implementers should, when > possible, follow the most pessimistic recommendation. Example: NIST > still recommends 1024 bit RSA until 2010, ECRYPT only recommended this > until end of 2006. > > Possible additional reference: > > * NESSIE: > https://www.cosic.esat.kuleuven.be/nessie/deliverables/decision-final.pdf > From https://www.cosic.esat.kuleuven.be/nessie/ : > "NESSIE is a project within the Information Society Technologies (IST) > Programme of the European Commission" > > Background/other references: > > * RFC 3766: http://www.ietf.org/rfc/rfc3766.txt > > * The Twirl document: http://www.rsa.com/rsalabs/node.asp?id=2004 > > -- Anil Saldhana Project/Technical Lead, JBoss Security & Identity Management JBoss, A division of Red Hat Inc. http://labs.jboss.com/portal/jbosssecurity/
Received on Wednesday, 5 September 2007 17:57:42 UTC