[Top] [All Lists]

Way Forward

2000-08-01 06:02:56
At the face-to-face meeting today, we had a fair amount of discussion about the best way to proceed. This message states each of the issues and the proposed way forward. This message is intended to give everyone an opportunity to provide their input, even if they were unable to attend the meeting.

RFC 2630 Interoperability Testing

Issue: Two implementations have been tested for EnvelopedData and SignedData. These two data structures are required to implement S/MIME, so this is not surprising. RFC 2630 includes other data structure that are MUST implement(EncryptedData, DigestedData, and AuthenticatedData). We do not have two implementations for these data structures.

Proposed way forward:  Change the implementation requirements so that:
        - EnvelopedData and SignedData MUST be implemented; and
        - EncryptedData, DigestedData, and AuthenticatedData MAY be implemented.

Mandatory To Implement Algorithms

Issue: Since the RSA patent is about to expire, Blake Ramsdell suggested that the RSA algorithm become the mandatory to implement algorithm for key management and signature. It was pointed out that the current RSA key management (PKCS#1 v1.5) has a known vulnerability, so the OAEP technique should be employed instead. While we were discussing algorithms, it was suggested that AES should be the mandatory to implement symmetric cipher instead of Triple-DES. About half of the people thought that this was a good idea. The other half was concerned that the AES has not been published yet.

Proposed way forward:  Change the mandatory to implement algorithm set to:
        One-way Hash:   SHA-1 (no change)
        Signature:      Both DSA and RSA (PKCS#1 v1.5)
        Key Mgmt:       RSA (OAEP)
        Eencryption:    Triple-DES in CBC mode

All comments on either of these proposals is most welcome.


<Prev in Thread] Current Thread [Next in Thread>