[Top] [All Lists]

Re: IETF S/MIME and Algorithm Independence

1997-05-02 15:01:55


Paul, the current structure mandates the use of RSA key management. The 
should not prohibit the use of other techniques such a Diffie-Hellman.  It is 
possible to have RSA as the "must implement" key management algorithm, but 
standardized structure should not prohibit the use of other techniques.

And it doesn't. In fact, with the SMIMECapabilities, it makes it easy for 
an agent that is using some other kind of key management to announce that 
to the world on every signed and/or encrypted message it sends out. This 
is described in the beginning of Section 2.5.2 of the drafts.

The PKCS#7 structure that supports S/MIME does not permit any key 
management algorithm to work.  For example, there is no place to carry the 
originator certificate that contains an Diffie-Hellman key.