[Top] [All Lists]

Mandatory to Implement Algorithms in CMS

2001-06-28 13:35:13


A few weeks ago, Jim Schaad submitted a simple comment on draft-ietf-smime-rfc2630bis-00. Jim wrote:

2.  I have a sever problem with the following text "However, implementations
of the CMS MUST support the mandatory to implement algorithms specified in
[CMSALG], or its successor."  It is my believe that this statement should be
removed for the following reasons:

a)  This violates the letter and spirit of the IETF process rules for
pushing documents to standards.  In my opinion if this becomes a standard
then CMSALG must also be a standard.  Also if CMSALG is reset to draft, so
must this draft.  The words "MUST support" is extremely normative.

b)  If I create a toolkit or other system and publish that I am STD [CMS]
conformant.  It does not make sense that by updating the set of required
algorithms I loose conformance to that standard.  I was compliant, I loose
compliance through no action of mine.  This argues that a new standard
number should be applied.

c)  The reasoning behind not having a MUST for certificates is even more
strongly appliciable here.  While certificates and heirarchies can move
between different applications (thus making the arugment that application
spaces should mandate algorithms a somewhat odd argument), that is not the
case with CMS objects.  If S/MIME and CMS/SET were to specificy that
different content encryption algorithms be required, there is no
interactions between the spaces.  An S/MIME message would never be consumed
(successfully) by a CMS/SET application nor would one expect it to be used.

From this standpoint I think that not requiring a MUST on algorithms from
CMS makes sense.

I have discussed this issue with both of the Security Area Directors. Only one thing is clear: we cannot have a MUST statement that references "[CMSALG], or its successor."

If we were to achieve Full Standard status with the specification that we are working on, then changing the mandatory to implement algorithm would reset the status of the updated protocol to Proposed Standard. I expect such a change at some point, probably to change the mandatory cipher from Triple-DES CBC to AES CBC.

There are other protocols besides S/MIME that are using CMS. If CMS has mandatory to implement algorithms, then many of the interoperability issues are handled by a simple reference. On the other hand, if CMS does not include any mandatory to implement algorithms, then each reference must specify them.

As many of you know, I am arguing for a common set of cryptographic algorithms throughout the IETF Security Area. Having each CMS referee specify their own set of algorithms does not support this objective.

What do others think?