I have the following comments:
1. Section 4, para 6: The following paragraph does not make complete sense
to me.

    keyAlg is the algorithm identifier (and associated parameters, if
    any), for the MSG2 key encryption algorithm. Note that it is not
    necessary to protect this field MSG.KEK is only used by the
    originator.

I think what this is supposed to imply is that if the field is modified it
is a denial of service attack but nothing more (i.e. the originator and
receiver will use different algorithms to derive the KEK from the CEK and
the decrypt will fail). If the field is only used by the originator, why
send it at all?
2. Appendix A: PBKDF2-params needs to have the comma removed following the
last field.
jim
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Housley, Russ
Sent: Tuesday, May 01, 2001 6:49 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: WG Last Call Extended: draft-ietf-smime-rcek-02.txt
Steve Farrell has updated the RCEK document to address the comments raised
during WG Last Call. To give everyone a chance to review the updates, I am
extending the WG Last Call until 7 May 2001. Please post any remaining
issues to the S/MIME WG mail list.
Title : Reuse of CMS Content Encryption Keys
Author(s) : S. Farrell, S. Turner
Filename : draft-ietf-smime-rcek-02.txt
Pages : 9
Date : 30-Apr-01
Russ