If we're all hell-bent on an international interoperable
"MUST" profile for S/MIME, let's not lead the naive to think
it's "Secure". We all know a brute-force attack against a 40-bit
cipher can yield clear text in a short amount of time, so I
believe we (the IETF community) have a moral obligation to inform
the millions of "unsuspecting" users as to the vulnerability of the
proposed specification.
Proposal:
---------

US/MIME, this spec has ONLY one profile, RSA, RC2-40, SHA-1 and
it will be known as the un-secure or US export spec. (or maybe
SS/MIME, semi-secure/MIME)

S/MIME+ will have a strong "MUST" profile, RSA Public Key with
a minimum 1792 bit to match a symmetric cipher (3DES, CAST) of
112 bits with SHA-1. This "MUST" profile allows international
interoperability as well, it just limits US companies to export.

S/MIME will continue to have other profiles using the defined OIDs.
(Yup, it's US export controlled, but ya better take that up with
the US Department of Commerce, not the IETF)
regards,
Charles Breed