ietf-smime
[Top] [All Lists]

Re: Comments on MSG-03

1998-03-27 21:40:38
At 07:52 PM 3/27/98 -0800, Paul Hoffman / IMC wrote:
At 11:44 AM 3/26/98 -0800, Jim Schaad (Exchange) wrote:
1.  Section 2.6.2.3 and 2.6.2.4.  The wording no longer works for these two
sections now that 3DES is a must and RC2/40 is an optional.

I disagree. The wording works fine.

OK, I now see what Jim was saying. I still disagree with his solution, but
I see where the wording needs to be changed. Instead of his suggested
changes for steps 3 and 4, I propose collapsing them into one:

2.6.1.3 Rule 3: Unknown Capabilities, Unknown Version of S/MIME

If:
 - the sending agent has no knowledge of the encryption capabilities
   of the recipient,
 - and the sending agent has no knowledge of the version of S/MIME
   of the recipient,
then the sending agent SHOULD use tripleDES because it is
stronger encryption and is required by S/MIME v3. If the sending
agent choses not to use tripleDES in this step, it SHOULD use
RC2/40.


--Paul Hoffman, Director
--Internet Mail Consortium

<Prev in Thread] Current Thread [Next in Thread>