I'd like to make an observation on the current IETF S/MIME draft that I
think may need to be addressed. I believe it is the IETF's goal to achieve
algorithm-independent drafts wherever possible. This is certainly possible
for S/MIME, and I would suggest that it is also desirable.

There is an opportunity to define the S/MIME specification to allow a
variety of public key algorithms. For example, the NIST Digital Signature
Standard (DSS), the Elliptic Curve variant of DSS called ECDSA, and other
digital signature algorithms could be used for signed messages. Similarly,
symmetric key wrapping could also be performed by alternate public key
algorithms.

I see a problem with this being achieved by the draft as it is written
because it appears to mandate the use of PKCS #7 message formats. While
PKCS #7 is an excellent standard for RSA messages, it is not currently
designed to handle other types of cryptography.

To summarize: The IETF S/MIME draft may be attempting to achieve algorithm
independence, but this attempt is defeated by the requirement for the
current PKCS #7 message format.

RSA has announced that it will be developing version 2.0 of the standard
over the next year. The new standard is intended to be algorithm
independent, so this may solve one problem. However, I think we need to be
aware that at present the PKCS #7 message format cannot address all of the
requirements for an algorithm-independent S/MIME standard.

Bill Anderson