ietf-smime

draft-ietf-smime-x942-00.txt comments.

1998-06-20 18:51:22
I've been perusing the DH draft: great work! 

I have a few comments.

2.1.4.  Keylengths for common algorithms

   Some common key encryption algorithms have KEKs of the following
   lengths.

           DES-ECB         64 bits
           3DES-EDE-ECB    192 bits
           RC2 (all)       256 bits


RC2-n in the content encryption cipher I take to mean a keylength of n/8
bytes and an effective keylength of n bits. I can't give a reference but
for me at least it's simply "what works" and established practice for
existing S/MIME implementations for RC2-128, RC2-64 and RC2-40.

This need not be followed for the key wrapping algorithms of course but
it might be preferable if e.g. "RC2-40" always refers to the same basic
algorithm.

IMHO the "standard" meaning should be kept for the content encryption
key whatever the wrapping meaning to allow mixed key transport and key
agreement messages to work.

Also the standard has SHA-1 hard coded. Perhaps this should be
selectable by the CMS with a default of SHA-1. This would allow for
healthy paranoia in that SHA-1 might be broken some day. Otherwise
changing it would be very painful if CMS had no provision for an
alternative digest function.

I suppose it could be commented that using an OCTET STRING for "counter"
to represent a number is a bit naughty and an INTEGER would be more
appropriate: but that doesn't really matter (to me at least).

Steve.
-- 
Dr Stephen N. Henson.
UK based freelance Cryptographic Consultant. For info see homepage.
Homepage: http://www.drh-consultancy.demon.co.uk/
Email: shenson(_at_)bigfoot(_dot_)com
PGP key: via homepage.

