All,
Blake stated: "Note that these mandatory to implement algorithms are not for
CMS in general, but for the S/MIME profile of CMS." I have the following
comments:
RFC 2630 (CMS), section 12.3.1, states: "CMS implementations must include
key agreement using X9.42 Ephemeral-Static Diffie-Hellman." To be
consistent with the working group's consensus, I believe that this text
needs to be changed to: "CMS implementations should include key agreement
using X9.42 Ephemeral-Static Diffie-Hellman."
RFC 2630, section 12.3.2, states: "CMS implementations should include key
transport using RSA." To be consistent with the working group's consensus, I
believe that this text needs to be changed to: "CMS implementations must
include key transport using RSA."
RFC 2630, section 12.2, states: "CMS implementations must include DSA. CMS
implementations may include RSA." To be consistent with the working group's
consensus, I believe that this text needs to be changed to: "CMS
implementations must include both DSA and RSA."
============================================
John Pawling, john(_dot_)pawling(_at_)wang(_dot_)com
Wang Government Services, Inc.,
A Getronics Company
============================================