* Nelson B. Bolyard: >> * expiry should be? >> + minimum 8 years? >> + maximum 30 years? > > In that same NIST publication there is a table of recommended key sizes > to use for secrets that need to be protected until year 2010, 2030, and > beyond. It's table 4, page 66.
I think they recommend creating signatures with the same key for just 1 to 3 years (table 1). This probably conflicts with other requirements. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
