I think the IANA registry actually has the key length specified as
part of the suite enumeration.
There are other suites that don't specify numeric key sizes, but in
these cases, the algorithm itself
(3DES for example) work with a specific key size that doesn't vary.
In this case, we may be able to just specify that we're talking about
a minimum suite, with a reference to RFC 5246 and
the IANA registry itself.
On Jan 30, 2009, at 6:26 PM, Brian Smithson wrote:
> I am still wondering how these two attributes can be used in
> practice. I
> know that we can uniquely identify cipher suites using the IANA
> registry, but is there an authoritative source to specify that one
> is "more minimum" than another? And if you consider different key
> lengths that might be acceptable for a given suite, then can we really
> say that suite X is more minimum than suite Y even if an HCD
> supports a
> relatively long key length for X but only supports a relatively short
> one for Y?
> Brian Smithson
> PM, Security Research
> PMP, CISSP, CISA, ISO 27000 PA
> Advanced Imaging and Network Technologies
> Ricoh Americas Corporation
-------------- next part --------------
An HTML attachment was scrubbed...