Re: ECDHE security level from Martin Thomson on 2014-10-10 (ietf-http-wg@w3.org from October to December 2014)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 10 Oct 2014 13:12:03 -0700
To: Brian Smith <brian@briansmith.org>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnVR4m=ju-CaZiTFN44Y=yi_nd15mjO8FyGBds+ssp2_Kg@mail.gmail.com>

On 10 October 2014 12:58, Brian Smith <brian@briansmith.org> wrote:
> I
> merely wanted the language fixed so that P-256 and Curve25519 and
> others were not forbidden on an unintended technicality, and so that
> no ambiguous terms like "security level" were used.


OK, help me out here.  What would you like to see exactly.  I
currently have this:

"Ephemeral key exchange MUST have a minimum size of 2048 bits for DHE
or 255 bits for ECDHE."

Is that right?

Received on Friday, 10 October 2014 20:12:30 UTC