Steve:
The reason for this requirement is that Ephemeral-Static Diffie-Hellman
(E-S D-H) is the mandatory to implement key management algorithm. The
output of E-S D-H is a KEK. So, the mandatory to implement key management
algorithm requires a way to wrap the CEK in the resulting pairwise KEK.
Russ
At 05:24 PM 3/31/99 +0000, Dr Stephen Henson wrote:
Is there a potential conflict with CMS 12.3.1? That is:
Any symmetric encryption algorithm that a CMS implementation includes
as a content-encryption algorithm must also be included as a key-
encryption algorithm.
As I understand this this means that a CMS implementation using IDEA
must also include a means to wrap content encryption keys with IDEA.
This would require additional information and a new OID
id-alg-CMSIDEAwrap for example.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: shenson(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: drh(_at_)celocom(_dot_)com PGP key: via homepage.