ietf-smime

RE: Open issues in the message draft

1997-09-18 20:00:28
On Thursday, September 18, 1997 5:44 PM, Paul Hoffman / IMC
[SMTP:phoffman(_at_)imc(_dot_)org] wrote:
OK, this makes more sense now. Because a single message can only use one
encryption algorithm, I believe that there is no protocol question.
However, we can give implementors guidance. How does the following sound?

To clarify, a single envelopedData entity can only use one symmetric
encryption algorithm.

If a sending agent is composing a signed message to a group of recipients
where the encrypting capabilities of some of the recipients are different,
the sending agent is forced to send more than one message. It should be
noted that if the sending agent chooses to send a message encrypted with a
strong algorithm, and then send the same message encrypted with a weak
algorithm, someone watching the communications channel can decipher the
contents of the strongly-encrypted message simply by decrypting the
weakly-encrypted message.

I think this should be "If a sending agent is composing *an encrypted*
message".

I think also that this should be called out a little more clearly,
because it is not an obvious problem and it really can affect the system
security depending on the environment.  Along the lines of all caps,
maybe?

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060
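
The concern discussed in the message above, sketched as a sending-agent check. This is an added example, not part of the original post or of any S/MIME implementation; the function name, the key-size table used for ranking, and the sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Nominal key sizes in bits, used only to rank algorithms (assumed table).
KEY_BITS = {"tripleDES": 168, "RC2/128": 128, "RC2/40": 40}

def plan_encrypted_send(capabilities, floor_bits=0):
    """Plan one envelopedData per symmetric algorithm for a recipient group.

    capabilities: {recipient: [algorithms that recipient can decrypt]}
    floor_bits:   sender policy; a recipient whose best algorithm is below
                  this is withheld instead of being sent a weak copy.
    Returns (messages, withheld, effective_bits, warning).
    """
    messages = defaultdict(list)  # algorithm -> recipients of that copy
    withheld = []
    for rcpt, algs in sorted(capabilities.items()):
        known = [a for a in algs if a in KEY_BITS]
        best = max(known, key=KEY_BITS.get) if known else None
        if best is None or KEY_BITS[best] < floor_bits:
            withheld.append(rcpt)
        else:
            messages[best].append(rcpt)
    # Every copy carries the same content, so an observer of the channel
    # only has to decrypt the weakest copy.
    bits = [KEY_BITS[a] for a in messages]
    effective = min(bits, default=None)
    warning = None
    if bits and effective < max(bits):
        warning = ("same content sent under %d-bit and %d-bit keys; "
                   "confidentiality is limited to %d bits"
                   % (max(bits), effective, effective))
    return dict(messages), withheld, effective, warning

# Constructed sample: recipients with differing decryption capabilities.
SAMPLE = {
    "alice@example.com": ["tripleDES", "RC2/40"],
    "bob@example.com": ["RC2/40"],
    "carol@example.com": ["tripleDES", "RC2/128"],
}

if __name__ == "__main__":
    for floor in (0, 128):
        print(floor, plan_encrypted_send(SAMPLE, floor_bits=floor))
```

With no floor the plan needs two copies and the warning fires; with a 128-bit floor the RC2/40-only recipient is withheld and a single tripleDES copy remains.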

