ietf-smime
[Top] [All Lists]

Re: WG Last Call:draft-ietf-smime-cms-07.txt

1998-10-26 19:37:41
Russ,

A few comments.

As I understand the ES DH description there are two separate OIDs:
id-alg-ESDHwithRC2 and id-alg-ESDHwith3DES. This specifies both the key
transport and the symmetric encryption algorithms. What if someone wants
to use a different symmetric algorithm? Do they need to register an
id-alg-ESDHwithXXX OID and does everyone need to change their code to
support it? If history is anything to go by this will result in lots of
incompatible id-alg-ESDHwithXXX OIDs used by different applications.

Is there some specific reason why we can't do the same as with RSA? That
is have an id-alg-ESDH OID and then a separate symmetric algorithm OID.
That way if someone wants to support some other algorithm with a
registered OID they can already do it in a compatible way.

In 12.6:

   The key-encryption key is generated by the key agreement algorithm or
   distributed as a mail list key.  With key agreement, the minimum
   number of bits needed to form the key-encryption key must be used.
   As an example, only the first 40 bits of Diffie-Hellman generated
   keying material are used for a RC2/40 key-encryption key.

This appears to be the "RC2 key length X/8" option. This adds the
restriction that X/8 must always be used in mixed DH+RSA messages though
just RSA need not be restricted to X/8. Or am I misinterpreting this?

Steve.
-- 
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant. 
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: shenson(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk
PGP key: via homepage.