The IESG has received a request from the S/MIME Mail Security WG (smime) to consider the following document: - 'Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Certificate Handling ' <draft-ietf-smime-3850bis-08.txt> as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. In particular, the IESG solicits comments on the cryptographic strength requirements specified in section 4.3, Certificate and CRL Signing Algorithm and Key Sizes, and the following statement from Section 6, Security Considerations: "Today, 512-bit RSA, DSA and DH keys are considered by many experts to be cryptographically insecure." These sections require S/MIME recieving agents to support RSA key lengths between 512 and 1024 bits, and permit support for DSA key lengths between 512 and 1024 bits. Given that other organizations are moving to a minimum key length of 2048 bits, the IESG wishes to verify IETF consensus for the cryptographic minimums in this document. Please send substantive comments to the ietf@ietf.org mailing lists by 2008-11-13. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. The file can be obtained via http://www.ietf.org/internet-drafts/draft-ietf-smime-3850bis-08.txt IESG discussion can be tracked via https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16576&rfc_flag=0 _______________________________________________ IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
