ietf-smime
[Top] [All Lists]

RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS to Proposed Standard

2000-06-24 18:13:08
It would be called that I missed that issue on the IDEA draft since I was
still fixated over the fact that the encodings in the draft was wrong and
had not looked at the higher level.  Additionally, since I reviewed them at
different times, I did not have the same critiera all of the time. (I
suppose I should write it down so that I am more consistant :)

jim

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Jim Schaad
Sent: Friday, June 23, 2000 1:10 PM
To: Carlisle Adams; 'Blake Ramsdell'
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS
to Proposed Standard


This is still my position.  If, for a D-H key, you make the statment that
CAST128 is supported as a bulk algorithm, then you must support
the CAST128
wrap of CAST128 because that is the only way of doing it.

jim

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of 
Carlisle Adams
Sent: Tuesday, June 20, 2000 7:19 AM
To: 'Blake Ramsdell'
Cc: 'ietf-smime(_at_)imc(_dot_)org'
Subject: RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS
to Proposed Standard


Hi Blake,

Good to hear from you again!

----------
From:     Blake 
Ramsdell[SMTP:blake(_dot_)ramsdell(_at_)tumbleweed(_dot_)com]
Sent:     Monday, June 19, 2000 4:14 PM
To:       'ietf-smime(_at_)imc(_dot_)org'
Subject:  RE: Last Call: Use of the CAST-128 Encryption Algorithm in
CMS to Proposed Standard

Two comments, don't know if they're major.

1. Section 3 does not list an SMIMECapability for key wrapping
using IDEA,
only for symmetric encryption.  Don't know if that was intended.

I suspect that you mean "CAST-128" above, rather than "IDEA"...

In any case, I originally had both OIDs here (symm. encryption and key
wrapping), but in a note posted on Nov. 18, 1999, Jim Schaad
included the
following comment:

"2.  Section 3 Para 1.  You state that you must include the
above OIDs in
the symmetric algorithms section of capabilities, but only one
of the oids
is a symmetric algorithm.  At the
current time we are "implying" the key wrap from the symmetric
algorithm as
only same key wrap is supported in CMS.  Please change to the
correct OID
reference."

So, I took out the key wrap OID and left only the one for symmetric
encryption.

2. I think that the example in section 3 should clarify that the
cast5CBCParameters are encoded with the iv omitted.

I guess it seemed clear to me that if you were only advertising your
capabilities (in this case, symmetric algorithm and key length),
an IV would
be irrelevant and would therefore be omitted.  If you wish,
however, I can
add a sentence to this effect when the document has been approved
and I get
the 1-day window to send any tiny edits to the RFC editor.  Let
me know if
you really think this is necessary.

Thanks for taking the time to look through this draft!

Carlisle.






<Prev in Thread] Current Thread [Next in Thread>