"11.3. Interoperability with Suite-B profile" currently states:
"If TripleDES is the only shared algorithms for a set
of recipients, no Suite-B compliant recipient can be added to the
mentioned recipient set."
but doesn't state how this may be enforced by the *recipient*
(who may not currently have a way of specifying this to the
I therefore have a suggestion:
implement a key-packet preference flag that says "strict SuiteB"
If this is set, then applications MUST NOT use any other cipher
other than one of the allowed AES sizes for that ECC key size.
This will allow us to disallow 3DES (and any other non-AES cipher)
by setting this key flag.
Independent of this, an application may additionally have an
(as an aside, re my "editorial [readability] changes," I might be
able to sit down and have a go at them on Monday or Tuesday.)