add key length/sha best practice? from Frederick Hirsch on 2008-11-03 (public-xmlsec@w3.org from November 2008)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Mon, 3 Nov 2008 15:53:46 -0500
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Message-Id: <02396E1E-604A-477C-B0BE-E3CC8E7A2205@nokia.com>

re webapps joint f2f meeting:

should we add a best practice to the Best Practices draft for RSA-SHA1  
key length of 2048 or if 1024 should expire in year because of  
associated risk?

Note on sha-1 and sha-256?

regards, Frederick

Frederick Hirsch
Nokia

Received on Monday, 3 November 2008 20:54:36 UTC