ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: I-D ACTION:draft-ietf-smime-rcek-01.txt

2001-02-13 15:45:51
from [Mike Just] [Permanent Link] 
Hi Stephen, Sean,

Possibly another item worth including in the Security Considerations
section. Suppose MSG1 is sent to a set S1 of users. In the case where MSG2
is sent to only a subset of users in S1, all users from S1 will still be
able to decrypt MSG2 (since MSG2.KEK is computed only from MSG1.CEK).  I
don't think you intended for your solution to be used for such dynamic
recipient sets, but it might be worth explicitly mentioning this unfortunate
side-effect of key re-use in any case. (Might be enough to mention that the
recipient lists must be the same for each message.)

Mike J.  


-----Original Message-----
From: Internet-Drafts(_at_)ietf(_dot_)org 
[mailto:Internet-Drafts(_at_)ietf(_dot_)org]
Sent: Friday, February 09, 2001 7:27 AM
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: I-D ACTION:draft-ietf-smime-rcek-01.txt


A New Internet-Draft is available from the on-line 
Internet-Drafts directories.
This draft is a work item of the S/MIME Mail Security Working 
Group of the IETF.

      Title           : Reuse of CMS Content Encryption Keys
      Author(s)       : S. Farrell, S. Turner
      Filename        : draft-ietf-smime-rcek-01.txt
      Pages           : 7
      Date            : 08-Feb-01
      
This note describes a way to include a key identifier in a CMS
enveloped data structure, so that the content encryption key can be
re-used for further enveloped data packets.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-rcek-01.txt

Internet-Drafts are also available by anonymous FTP. Login 
with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
      "get draft-ietf-smime-rcek-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


Internet-Drafts can also be obtained by e-mail.

Send a message to:
      mailserv(_at_)ietf(_dot_)org(_dot_)
In the body type:
      "FILE /internet-drafts/draft-ietf-smime-rcek-01.txt".
      
NOTE: The mail server at ietf.org can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant 
mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e. documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
              
              
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  S/MIME WG meeting at 50th IETF, Russ Housley
Next by Date:  Re: I-D ACTION:draft-ietf-smime-rcek-01.txt, Stephen Farrell
Previous by Thread:  I-D ACTION:draft-ietf-smime-rcek-01.txt, Internet-Drafts
Next by Thread:  Re: I-D ACTION:draft-ietf-smime-rcek-01.txt, Stephen Farrell
Indexes:  [Date] [Thread] [Top] [All Lists]