[cabfpub] Proposal to add DSA 2048

Erwann Abalea erwann.abalea at keynectis.com
Mon Mar 11 10:55:37 UTC 2013

Why was the list of ECDSA curves limited to the NIST ones, instead of 
specifying a list of characteristics (field size, curve type, ...)?
This prevents the use of other standardized curves such as Brainpool 
ones (RFC5639), and more local ones such as French ANSSI ones.


Le 08/03/2013 22:38, Rick Andrews a écrit :
> To address everyone’s questions:
> -FIPS 186 originally allowed for DSA 1024 bits max, but in the 186-3 
> revision 2048 and SHA-2 were added.
> -ECDSA is allowed in the BRs; Appendix A allows P-256, P-384, or P-521 
> curves
> -Does it present any issues that are different from RSA algorithm 
> certs? AFAIK, just what Erwann listed below (it can be used for 
> signature only, not encryption/decryption). I haven’t heard of any 
> particular vulnerabilities. In fact, the “Ron was wrong, Whit is 
> right” paper (http://eprint.iacr.org/2012/064.pdf) suggests that there 
> are advantages to cryptosystems like DSA that require only a single 
> secret during key setup.
> -Same authentication processes and security considerations? I don’t 
> see why not.
> -Can only government agencies obtain these certs, or can any user? 
> Anyone can. We expect more interest from government customers given 
> its inclusion in FIPS 186-3, but there are no restrictions
> -Rick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130311/4d341c9e/attachment-0003.html>

More information about the Public mailing list