All I'm suggesting is that we clearly differentiate
between what is strong and what is not, or S/MIME
might make CNN Headline news, (not good for our industry)
Joe says, "hey, ya use'g that S/MIME stuff"
Mike says, "you bet, send me your companies records"
Joe says, "sure thing, they're on their way"
:-)
At 07:11 PM 4/17/97 -0700, you wrote:
To further this, I propose the following:
SSSL (Semi-Secure-Sockets-Layer) for implementations that can only
implement 40-bit RC2 / RC4. This, of course, would be in TLSS
(Transport-Level-Semi-Security) also. We can work on the acronyms.
These are in use in all of the exportable web servers / browsers from
Netscape and Microsoft.
Just to be consistent.
Blake
-----Original Message-----
From: Charles Breed [SMTP:cbreed(_at_)pgp(_dot_)com]
Sent: Thursday, April 17, 1997 12:21 PM
To: ietf-smime(_at_)imc(_dot_)org
Subject: US/MIME
If we're all hell-bent on an international interoperable
"MUST" profile for S/MIME, Let's not lead the naive to think
it's "Secure". We all know a brute-force attack against 40-bit
cipher can yield clear text in a short amount of time, so I
believe, we (the IETF community) has a moral obligation to inform
the millions of "unsuspecting" users as to the vulnerability of the
proposed specification.
Proposal:
---------
US/MIME, this spec has ONLY one profile, RSA, RC2-40, SHA-1 and
it will be known as the un-secure or US export spec. (or maybe
SS/MIME, semi-secure/MIME)
S/MIME+ will have a strong "MUST" profile, RSA Public Key with
a minimum 1792 bit to match a symmetric cipher (3DES, CAST) of
112 bits with SHA-1. This "MUST" profile allows international
interoperability as well, it just limits US companies to export.
S/MIME will continue to have other profiles using the defined OIDs.
(Yup, it's US export controlled, but ya better take that up with
the US Department of Commerce, Not the IETF)
regards,
Charles Breed