Dave:
You did not miss anything. This is a proposed change. The Working Group
has not agreed or rejected the proposal.
Russ
At 03:49 PM 11/27/2000 -0500, David P. Kemp wrote:
> Title : S/MIME Version 3.1 Certificate Profile Addendum
> Author(s) : B. Ramsdell
> Filename : draft-ietf-smime-v31cert-00.txt
> Pages :
> Date : 22-Nov-00
>
> In light of the expiration of the primary RSA patent, it is proposed
> that the RSA algorithm replace the DSS and Diffie-Hellman as the MUST
> implement algorithms in the S/MIME profile. This draft will describe
> only the proposed changes to the S/MIME Version 3 Certificate Handling
> RFC [SMIMEV3CERT], and the rest of that RFC will remain identical.
Did I miss the discussion and consensus on this?
I was under the impression that RSA does not replace DSA as a
MUST-implement, rather RSA becomes an additional MUST for signatures:
> Russ Housley <housley(_at_)spyrus(_dot_)com> on 07/31/2000 05:04:52 PM
>
> Proposed way forward: Change the mandatory to implement algorithm set to:
> One-way Hash: SHA-1 (no change)
> Signature: Both DSA and RSA (PKCS#1 v1.5)
> Key Mgmt: RSA (OAEP)
> Eencryption: Triple-DES in CBC mode
The Certificate Profile should reflect the results of the last meeting
and subsequent mail list discussion.