All:
I agree with Paul Hoffman. We should proceed with CMS so that the S/MIME
v3 set of documents can become Proposed Standards. Using the list, we can
discuss the best way to handle password-based key management. We can do as
many Internet-Drafts as necessary to sort this out. Once we reach
concensus, we can add the that technique to CMS when the document
progresses from Proposed Standard to Draft Standard.
Of the suggestions discussed so far, I am leaning toward the one made by
Magnus Nyström. This seems to provide all of the capability needed for
PKCS#15.
On the other hand, the proposal made by Rich Ankney (and seconded by John
Ross) provides a open solution for new techniques are they are needed. I
have concerns that this may not be the best solution for interoperability.
Rich can you post the ANSI X9F3 requirements for CKM? Please start a new
thread for that topic.
Russ
At 01:53 PM 3/11/99 -0800, Paul Hoffman / IMC wrote:
Folks:
Peter has posted an Internet Draft for an addition to CMS. I think it is
very late for us to be adding things for which there is disagreement on how
to put it in. We can discuss Peter's draft and decide if we want to pass it
out of the working group. If we do, it can be a stand-alone RFC. If it gets
two independent implementations, we might fold it into the CMS RFC (if we
ever get there.....) when we move from Proposed Standard to Draft Standard.
--Paul Hoffman, Director
--Internet Mail Consortium