All,
Since RFC 2630 (CMS) will be used as the standard security protocol for
several communication protocols that may have different (and changing) sets
of algorithm implementation requirements, I agree with Dave Kemp's
recommendation to change the text in RFC 2630 stating the algorithm
implementation requirements. I believe that it is appropriate for RFC 2630
(or an appendix to RFC 2630) to define how algorithms are used with the CMS
security protocol, but should not specify algorithm implementation
requirements. For each communication protocol, a separate profile should be
developed specifying the algorithm implementation requirements for using RFC
2630 with that communication protocol. For example, the S/MIME v3 algorithm
implementation requirements should be stated in the revised S/MIME v3
Message Specification (as proposed by Blake).
Recommend the following changes to RFC 2630:
1) Section 12.1:
OLD: "CMS implementations must include SHA-1. CMS implementations should
include MD5."
NEW: "This section describes how the SHA-1 and MD5 digest algorithms are
used with CMS."
2) Section 12.2:
OLD: "CMS implementations must include DSA. CMS implementations may include
RSA."
NEW: "This section describes how the DSA and RSA signature algorithms are
used with CMS."
3) Section 12.3.1:
OLD: "CMS implementations must include key agreement using X9.42
Ephemeral-Static Diffie-Hellman."
NEW: "This section describes how key agreement is implemented in CMS using
the X9.42 Ephemeral-Static Diffie-Hellman algorithm."
4) Section 12.3.1:
OLD: "CMS implementations must include key agreement of Triple-DES pairwise
key-encryption keys and Triple-DES wrapping of Triple-DES content-encryption
keys. CMS implementations should include key agreement of RC2 pairwise
key-encryption keys and RC2 wrapping of RC2 content-encryption keys. The
key wrap algorithm for Triple-DES and RC2 is described in section 12.3.3."
NEW: "Section 12.3.3.1 specifies the key wrap algorithm for use with CMS for
key agreement of Triple-DES pairwise key-encryption keys and Triple-DES
wrapping of Triple-DES content-encryption keys. Section 12.3.3.2 specifies
the key wrap algorithm for use with CMS for key agreement of RC2 pairwise
key-encryption keys and RC2 wrapping of RC2 content-encryption keys."
5) Section 12.3.2:
OLD: "CMS implementations should include key transport using RSA. RSA
implementations must include key transport of Triple-DES content-encryption
keys. RSA implementations should include key transport of RC2
content-encryption keys."
NEW: "This section describes how key transport is implemented in CMS using
RSA in conjunction with Triple-DES and RC2 content-encryption keys."
6) Section 12.4:
OLD: "CMS implementations must include Triple-DES in CBC mode. CMS
implementations should include RC2 in CBC mode."
NEW: "This section describes how the Triple-DES (in CBC mode) and RC2 (in
CBC mode) content encryption algorithms are used with CMS."
7) Section 12.6:
OLD: "CMS implementations must include encryption of a Triple-DES
content-encryption key with a Triple-DES key-encryption key using the
algorithm specified in Sections 12.6.2 and 12.6.3. CMS implementations
should include encryption of a RC2 content-encryption key with a RC2
key-encryption key using the algorithm specified in Sections 12.6.4 and
12.6.5."
NEW: "Sections 12.6.2 and 12.6.3 specify the algorithm for use with CMS to
encrypt a Triple-DES content-encryption key with a Triple-DES key-encryption
key. Sections 12.6.4 and 12.6.5 specify the algorithm for use with CMS to
encrypt a RC2 content-encryption key with a RC2 key-encryption key."
8) Section 12, intro:
OLD: "This section lists the algorithms that must be implemented.
Additional algorithms that should be implemented are also included."
NEW: "This section describes how selected algorithms are used with CMS."
Recommend that the revised S/MIME v3 Message Specification should state the
S/MIME working group's consensus regarding each of the aforementioned
algorithm implementation requirements.
============================================
John Pawling, john(_dot_)pawling(_at_)wang(_dot_)com
Wang Government Services, Inc.,
A Getronics Company
============================================