ietf-smime

RE: Mandatory to implement key wrap algorithm for S/MIME summary

2000-09-05 14:17:13
John,

I agree with Blake's implication that CMS "should not" (little letters)
contain algorithm requirements; conformance should be controlled
exclusively by specifications which reference CMS.  This enables CMS to
remain stable as opinions concerning algorithms change.  Where would we
be if X.509 said every certificate-using application MUST support
id-sa-sqMod-nWithRSA signatures?

I believe the statements quoted below should be removed without replacement
in the next version of CMS.

Dave



From: "Pawling, John" <John(_dot_)Pawling(_at_)wang(_dot_)com>
To: "'ietf-smime(_at_)imc(_dot_)org'" <ietf-smime(_at_)imc(_dot_)org>
Subject: RE: Mandatory to implement key wrap algorithm for S/MIME summary
Date: Tue, 5 Sep 2000 12:42:19 -0400 

All,

Blake stated: "Note that these mandatory to implement algorithms are not for
CMS in general, but for the S/MIME profile of CMS."  I have the following
comments:  

RFC 2630 (CMS), section 12.3.1, states: "CMS implementations must include
key agreement using X9.42 Ephemeral-Static Diffie-Hellman."  To be
consistent with the working group's consensus, I believe that this text
needs to be changed to: "CMS implementations should include key agreement
using X9.42 Ephemeral-Static Diffie-Hellman."   

RFC 2630, section 12.3.2, states: "CMS implementations should include key
transport using RSA." To be consistent with the working group's consensus, I
believe that this text needs to be changed to: "CMS implementations must
include key transport using RSA."   

RFC 2630, section 12.2, states: "CMS implementations must include DSA.  CMS
implementations may include RSA."  To be consistent with the working group's
consensus, I believe that this text needs to be changed to: "CMS
implementations must include both DSA and RSA." 

============================================
John Pawling, john(_dot_)pawling(_at_)wang(_dot_)com
Wang Government Services, Inc.,
A Getronics Company
============================================