Enzo Michelangeli wrote:
> Here is my modest proposal for SMIME v.3 sole MUST requirements:
> - Full interoperability with SMIME v.2, therefore #include-ing all the MUST
> - Minimum key length raised to 1024-bit for PK and 112-bit for symmetric
> - At least one other key exchange algorithm and one signature algorithm
> unrelated to the problem of modular factorization, to protect against
> possible unpleasant effects of progress in number theory. I'd say that DSA
> and DH are the best candidates, if we want to exorcise the IP curse that
> could strike ECC-based techniques;
> - 3DES-EDE and Rijndael added to RC2.

This isn't actually too modest in my view. In terms of numbers of things
supported it's not too far from where we are now (just a few attributes). I
would support this with one addition. I think you *need* to support the
'SMIMECapabilities' on reception. This just seems like a necessity in any
environment that supports multiple algorithms. Otherwise, you have all you need
for basic interoperability.