At 6:31 PM -0700 9/30/97, Kazu Yamamoto
(=?iso-2022-jp?B?GyRCOzNLXE9CSScbKEI=?=) wrote:
Let me confirm. Why will S/MIME specs be submitted as Informational RFC?
At the Munich IETF meeting, the IESG announced that for security-related
standards, they have a strong preference for unencumbered technologies when
they exist. Since then, Jeff Schiller, the Area Director for security, has
said that he will not approve standards that rely on RSA encryption if
Diffie-Hellman key exchange could be used instead.
PGP/MIME is on Standards track. I wonder why S/MIME cannot.
PGP/MIME became a proposed standard before this decision. It is likely that
it would not make it now. In fact, Jeff Schiller has said that he would not
support it moving to Draft Standard with its current requirement for RSA
encryption. However, that is not so much an issue now that there is (as of
today) an OpenPGP Working Group which will produce a protocol that does not
rely on RSA encryption.
One of the purposes of the S/MIME 3 work is so that we can produce a
protocol that does not require RSA encryption.
--Paul E. Hoffman, Director
--Internet Mail Consortium