On 16/02/2011 21:13, Martin Paljak wrote: >> The same can be done for 768bit key, and, I suppose, for all key sizes from >> 512 to 2048 with the 64 bit step. > The only questions is: are you sure you want to do this? Small RSA keys are > often used in low profile hardware, where the smaller calculation is easier > to complete, these days EC would be a better option for resource-constrained > environments... > I would not date to suggest turning<1024 key support off (which is the > recommendation by several organizations) but giving a nice fat warning to the > user when creating keys (not importing!) below 1024 (or 1024 keys when the > card claims support for 2048) bits. That could be done for every key size less than the maximum handled by the card. This way the user is encouraged to use the maximum available security, and fall back to less secure keys only if he needs to.
Just my .02 ... BYtE. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
