Ephemeral-Static Diffie-Hellman is the mandatory to implement algorithm to
ensure interoperability. Since Ephemeral-Static Diffie-Hellman is a key
agreement algorithm, that is the mandatory to implement portion of the
protocol.
Russ
At 03:08 PM 2/18/99 +0000, Hilton Day wrote:
Hi all,
What (if anything) denotes whether a CMS message should use KA or KT as the
key-management algorithm?
I've looked through the spec, and can't see anything which mandates a method for
doing this, so I can only assume it is an implementation-specific choice (i.e.
User-input, or the programmers decide when writing the mail client, based on
security policy).
This leaves me wondering why KA is a "must" for the CMS - it is conceivable that
KA would never be used within the context of S/MIME, as mail clients could simply
use KT to wrap their CEKs.
Ok - I realise that in the interests of interoperability, KA should be implemented
in order that a recipient can read a mail sent with a shared-secret-based key, but
in the same way as Symmetric Key-Encryption Key algorithms are a "may", surely
this is something for the implementor to decide?
I realise that, as I've only been following the spec. since CMS-09, I've probably
already missed conversations along these lines, in which case, apologies to all
those who've hashed over this - but I'd appreciate an explanation.. :-)
Thanks,
Hilton.
--
JCP Computer Services Tel: +44 (0) 171 689 6890
16 St Johns Lane, Fax: +44 (0) 171 689 0438
London, E-Mail: hilton(_at_)jcp(_dot_)co(_dot_)uk
EC1M 4BS WWW: http://www.jcp.co.uk
United Kingdom