ietf-smime
[Top] [All Lists]

RE: DH keypair generation (was RE: S/MIME V3 Msg Spec Comments)

1997-11-12 05:31:10
I suggest that we align with X9.42 for Diffie-Hellman.

Russ

At 01:59 PM 11/7/97 -0800, Blake Ramsdell wrote:
On Friday, November 07, 1997 1:44 PM, jsp(_at_)jgvandyke(_dot_)com
[SMTP:jsp(_at_)jgvandyke(_dot_)com] wrote:
DH and DSS keys are separately generated.  The public DH and DSS keys are
stored in separate X.509 Certificates.

This was something that was being discussed at one point -- the
possibility of a "combo" certificate that had both signature
verification and key management properties (the public part of the DH
encrypting pair and the public part of the DSS pair).

How about changing the text to the following: "An S/MIME agent or some
related administrative utility or function MUST be capable of generating
separate DH and DSS public/private key pairs on behalf of the user."

Yup.  Sounds good.  Comments?  Objections?

I will also change the current references to [DH-DSS] to just be [DSS].

What would be the best source to use for the [DH] (Diffie-Hellman
encryption) and [DSS] (DSS) references?  Are we making a draft for this?

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060