ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Extensibility discussion

1998-12-08 06:02:20
from [John Ross] [Permanent Link] 
I believe CMS does not use the latest ASN.1 so that is one reason why I did
not propose "add a '...' to the ASN.1".

But I would be happy with that option in the CMS document, if that was
considered more acceptable.

I agree with you that additions to the choice need not be defined in CMS
itself, MESS could be used.

Regards

JR
-----Original Message-----
From: Peter Gutmann <pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz>
To: ross(_at_)jgross(_dot_)demon(_dot_)co(_dot_)uk 
<ross(_at_)jgross(_dot_)demon(_dot_)co(_dot_)uk>
Cc: ietf-smime(_at_)imc(_dot_)org <ietf-smime(_at_)imc(_dot_)org>
Date: Tuesday, December 08, 1998 2:24 AM
Subject: Re: Extensibility discussion



"John Ross" <ross(_at_)jgross(_dot_)demon(_dot_)co(_dot_)uk> writes:


but what about extending the choice, are you also opposed to that?


This is easy to handle in theory (just add a '...' to the ASN.1) but a bit
more difficult to handle in practice since you need some way to coordinate

the

extensions of the choice (everyone can't just add their own '[n] FooInfo').

It may be possible to maintain a register of extensions, one thing I'm
(gradually) working on, if no support is added to CMS itself, is extensions

to

Recipient/SignerInfo to allow it to be used with the other

IETF-standardised

(or about-to-be-standardised) certificate/key formats (which I mentioned in

a

previous message).  At the moment this lives under the name More Enhanced
Security Services (MESS) for S/MIME, I've had a fair bit of comment on this
from other groups (eg OpenPGP members) who would like to see CMS less tied

to

X.509 certs for everything it does.

What MESS does is add a few trivial extensions to the current CMS stuff to
support these additional formats, it's just the additional key identifiers

I

mentioned in a previous message plus a few other bits and pieces.  If

people

wanted either new key identifiers or recipient info types, and provided

there

was a reasonable justification for them (for example "x zillion PGP users

need

to have this" is a good one), it could be added to the MESS.

Peter.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Extensibility discussion, Peter Gutmann
Next by Date:  Re: Key Wrap Algoritm, Russ Housley
Previous by Thread:  Re: Extensibility discussion, Russ Housley
Next by Thread:  Re: Extensibility discussion, Russ Housley
Indexes:  [Date] [Thread] [Top] [All Lists]