- From: Edgar, Gerald <gerald.edgar@boeing.com>
- Date: Thu, 22 Jan 2009 11:01:26 -0800
- To: "XMLSec WG Public List" <public-xmlsec@w3.org>
While we reference much of what is in NSA Suite B we do not reference that set of algorithms directly. (http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml) The NSA uses references of Digital Signature: Elliptic Curve Digital Signature Algorithm - FIPS 186-2 (using the curves with 256 and 384-bit prime moduli) http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf Hashing: Secure Hash Algorithm - FIPS 180-2 (using SHA-256 and SHA-384) http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenoti ce.pdf Do the references used in the drafts cover both of these? We could also use the recommendations in "Suite B" for key lengths. To rephrase that is there we could say: "Use of AES with 256-bit keys, the 384-bit prime modulus elliptic curve, and SHA-384 provides a basis for a high level of information security." Gerald Edgar, CISSP Enterprise Architecture & Information Security
Received on Thursday, 22 January 2009 19:02:22 UTC