Russ,
I agree this needs to be a MUST for the cms-alg draft. I think this is a
SHOULD for the S/MIME message draft if it decides to be different from the
cms-alg draft.
jim
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Housley,
Russ
Sent: Tuesday, July 10, 2001 9:51 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: Key Wrap Algorithms
All:
After a fairly long debate, the consensus on key management has been
reached. We seem to agree that:
Implementations MUST support key transport, key
agreement, and previously
distributed symmetric key-encryption keys, as represented
by ktri,
kari, and
kekri, respectively. Implementations MAY support the
password-based key
management as represented by pwri. Implementations MAY
support any other
key management technique as represented by ori.
At the last IETF meeting, we agreed on the mandatory to implement
algorithms. The Minutes say:
Signature: DSA and RSA (PKCS #1 v1.5) as per Russ' proposal
Message digest: SHA-1
Key Management: RSA (PKCS #1 v1.5)
Encryption: Triple-DES
But, the Minutes are silent about key wrapping.
It is my view that we should require implementations to
support Triple-DES
Key Wrap. This view is reflected in
draft-ietf-smime-cmsalg-00. And, I
think that this approach will facilitate the adoption of mail lists.
I want to hear from others. What do you think is the best
MUST and SHOULD
statements regarding key wrap algorithms?
Russ