Hi Russ,
Thanks for the speedy response.
I have no problem with this. Can we add a paragraph to the Security
Considerations that warns implementors that a wider has MAY be specified
when stronger (symmetric algorithms with longer key sizes) are supported
(e.g., AES)?
Okay.
Please add a Intellectual Property Rights section to the document. Please
take a look a section 9 of RFC 2459 for an example. Also, take a look at
the references made in the discussion of the RSA algorithm (the patent had
not expired when RFC 2459 was published). This provides a simple "heads up."
I think we already have an IPR section in the document. Rather than single out
one algorithm for an IPR pointer, we propose to add a sentence to the abstract
along the similar lines to 2459 - something like "An IPR statement regarding the
use of ECC in CMS can be found in Section xyz". Okay?
Best regards. Simon