Re: confusion in ank.
- From: dkg-mit.edu@xxxxxxxxxxxxxxxxx (Daniel Kahn Gillmor)
- Date: Mon, 23 Apr 2007 13:07:05 -0400
-----BEGIN PGP SIGNED MESSAGE-----
On Mon 2007-04-23 11:52:36 -0400, Nicolas Williams wrote:
Password quality policies certainly shouldn't apply to randomly-
generated keys, but that does not mean that there cannot be a key
i agree that it's worthwhile to support expiration policy for
randomly-generated keys. One could even argue for iteratively
applying password-quality policies to randomy-generated keys from a
In the unlikely event the randomly-generated key happens to be
guessable by common tools (dictionary attacks, limited character
classes, etc), it's probably worth generating a new random key. While
this reduces the overall space of possible random keys, it does keep
the random keys out of the (admittedly tiny) space regularly probed by
the most common brute force attackers.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/>
-----END PGP SIGNATURE-----
Kerberos mailing list Kerberos@xxxxxxx
- Prev by Date: Re: confusion in ank.
- Next by Date: Re: confusion in ank.
- Previous by thread: Re: confusion in ank.
- Next by thread: Re: confusion in ank.