Mark Delany <[EMAIL PROTECTED]> writes: > Further, that sort of constraint is algorithm dependent. So the true > test is: if (rsa && keySize < limit)). A new algorithm may well have > completely different size limits or different safety dimensions to > check. > > Is there experience in similar fields to the success or otherwise of > imposing minimum safety limits? S/MIME, PGP, SSL?
SSL doesn't impose minimum limits, but 1024 is pretty much the industry standard AFAIK. -Ekr _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html