ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

1/28/98 S/MIME V3 Msg Spec Comments

1998-02-02 14:42:12
from [John Pawling] [Permanent Link] 
Blake (and friends),

Thank you for incorporating my previous comments into the "January 28, 1998
S/MIME Version 3 Message Specification" [MSG3].  I have the following
comments regarding the new spec:

1) Sec 1.1, 2nd para, and Sec 3.7: The spec "defines how to create
certification requests that conform to PKCS #10 [PKCS-10], and the
application/pkcs10 MIME type for transporting those requests."  The IETF
PKIX working group is developing a "harmonized", application-independent,
IETF standard set of cert mgmt protocols (see Dec 97 PKIX WG minutes).
IMHO, if [MSG3] mandates any cert mgmt protocols, then those protocols
should be the "harmonized", application-independent IETF standard protocols.
If the S/MIME WG wishes [MSG3] to go to last call before the IETF
"harmonized" protocols are complete, then I recommend that all text should
be removed from [MSG3] that mandates cert mgmt protocols.  Once the
"harmonized" IETF standard protocols are completed, then a separate S/MIME
WG spec could be drafted which specifies the use of MIME to communicate
CMS-protected "harmonized" cert mgmt protocol messages.  At that point, the
new spec could also define how to transport PKCS #10 messages as a MAY
implement for the purposes of backward conpatability with v2 S/MIME MUAs.  

2) Sec 2, intro: Please add "[CMS] provides additional details regarding the
use of the cryptographic algorithms."

3) Sec 2.6.2.4.  Please change "MUST use RC2/40" to "SHOULD use RC2/40".

4) Sec 3, first para: Please replace five occurrences of "PKCS" with "CMS".

5) Sec 3.2, 2nd para states: "The CMS object must always be the BER encoding
of the ASN.1 syntax describing the object."  Why can't the CMS object be a
DER encoding? 

6) Sec 3.7.2, first sentence mandates use of PKCS 10.  Disagree with this
statement as per comment 1.

7) Sec H: "What do we need to do for 4.1 in order to make it
Diffie-Hellman?" and "Section 4.1 needs to talk about DSS and DH minimum key
lengths for strong crypto."  I believe that there should be separate
documents describing the use of SHA-1, DSA and DH with the CMS and ESS
specs.  I don't believe that the details of DH key generation need to be
included in the base S/MIME v3 Message Spec.

8) Sec H: "Need OIDs for DH":  PKIX X.509 Certificate and CRL Profile, sec
7.3.2 defines the use of the ANSI X9.42        dhpublicnumber OBJECT
IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-x942(10046)
number-type(2) 1 } for DH keys in X.509 certs.  Can we use that OID for CMS?

================================
John Pawling   
jsp(_at_)jgvandyke(_dot_)com                             
J.G. Van Dyke & Associates, Inc.           
================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Question about signing attachments separately, Paul Hoffman / IMC
Next by Date:  Re: Hashing of CMS signedData objects, Russ Housley
Previous by Thread:  RE: Question about signing attachments separately, Jonathan Penn
Next by Thread:  Re: 1/28/98 S/MIME V3 Msg Spec Comments, Paul Hoffman / IMC
Indexes:  [Date] [Thread] [Top] [All Lists]