On Tue, Apr 1, 2014 at 10:48 PM, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
> On Apr 1, 2014, at 7:37 PM, Olafur Gudmundsson <o...@ogud.com> wrote:
>
> > Why not go to a good ECC instead? (not sure which one, but not P256 or P384)
>
> Why not P256 or P384? They are the most-studied curves. Some of the newer
> curves do have advantages, but they are also newer.

Same answer as always:

A patent troll with the most worthless claim ever is still going to cost $4 million to get a declarative judgement against.

RIM is on the verge of bankruptcy and it is very likely the patents will be acquired by a troll. And the new tactic is to go after the customers, not the technology providers.

So without the declarative judgement we are swapping a technology we know we have no problem with for one with an expensive liability. So we definitely need a declarative judgement.

IF the size of the signatures vs the packet size was the issue we could go to DSA. It has some implementation issues but I'll take 2048 bit DSA over 1024 bit RSA.

Alternatively, we can forget the ICANN root as being the primary validation path and have people publish a 2048 bit cert in a WebPKI validated chain in their zone. We already have the records for that.

--
Website: http://hallambaker.com/
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop