Title : S/MIME Version 3.1 Certificate Profile Addendum
Author(s) : B. Ramsdell
Filename : draft-ietf-smime-v31cert-00.txt
Pages :
Date : 22-Nov-00
In light of the expiration of the primary RSA patent, it is proposed
that the RSA algorithm replace the DSS and Diffie-Hellman as the MUST
implement algorithms in the S/MIME profile. This draft will describe
only the proposed changes to the S/MIME Version 3 Certificate Handling
RFC [SMIMEV3CERT], and the rest of that RFC will remain identical.
Did I miss the discussion and consensus on this?
I was under the impression that RSA does not replace DSA as a
MUST-implement, rather RSA becomes an additional MUST for signatures:
Russ Housley <housley(_at_)spyrus(_dot_)com> on 07/31/2000 05:04:52 PM
Proposed way forward: Change the mandatory to implement algorithm set to:
One-way Hash: SHA-1 (no change)
Signature: Both DSA and RSA (PKCS#1 v1.5)
Key Mgmt: RSA (OAEP)
Eencryption: Triple-DES in CBC mode
The Certificate Profile should reflect the results of the last meeting
and subsequent mail list discussion.