Subject Re: draft charge, refeds working group on attribute release
From David Chadwick <d.w.chadwick@xxxxxxxxxx>
Date Tue, 05 Jul 2011 20:35:37 +0100

Hi Leif

unfortunately you have quoted 800-63 wrongly. The entropy required for LOA 1 is only 1 in 2**10, or 1 in 1024, not 1 in 2**1024. This is very very different. Appendix A also says that a system that assigns subscribers 6 character passwords, randomly selected, from a 96 char set, meets LOA 2 and has an entropy of 1 in 16K. So if Level 2 only requires 6 random char passwords, how onerous could it be to meet LOA 1 with one sixteenth of the strength?



On 05/07/2011 14:02, Leif Johansson wrote:
Hash: SHA1

On 07/05/2011 02:29 PM, David Chadwick wrote:
Hi Leif

LOA1 is defined as little or no confidence. So in the worst case it is
zero. And there is no way of differentiating between little and nothing
since both get a score of 1.

No it is not. What gave you that idea?

Could you please enumerate these non-trivial requirements for no
confidence? I know that passwords must not be sent in the clear, but I
dont count this as non-trivial do you? (Its been an IETF requirement for
over a decade).

Read Appendix A of SP 800-63 for background. Passwords a LoA1 must have
an entropy of 2**1024 over their lifetime. Also read Eric Sachs notes on
googles OIX LOA1 certification:

	Cheers Leif
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -



David W. Chadwick, BSc PhD
Professor of Information Systems Security
School of Computing, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@xxxxxxxxxx
Home Page:
Research Web site:
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5