Russ,
9) Table 1, Message Authentication note: Please add this note to
immediately follow the table: "Note 3: Only those CMS
implementations that
support the AuthenticatedData content-type MUST implement
the HMAC with
SHA-1 algorithm."
Done. Here is the updated table (view it in a fixed pitch font):
Table 1. CMS Implementation Algorithm Requirements
Algorithm Type MUST implement SHOULD implement
-----------------------------------------------------------------
Message Digest SHA-1 MD5
Signature DSA and RSA (1) --
Key Management
Key Agreement -- X9.42 E-S D-H
Key Transport RSA --
Symmetric KEK Wrap Triple-DES Key Wrap RC2 Key Wrap
Key Derivation PBKDF2 (2) --
Content Encryption Triple-DES CBC RC2 CBC
Message Authentication HMAC with SHA-1 (3) --
Note 1: CMS implementations MUST be able to verify signatures
with both DSA and RSA (PKCS #1 v1.5), and they MUST be
able to generate signatures with at least one of them.
Note 2: Only those CMS implementations that support password-
based key management MUST implement the PBKDF2 key
derivation algorithm as specified in RFC 2898 [PKCS#5].
Note 3: Only those CMS implementations that support
authenticated-data MUST implement the HMAC with SHA-1
algorithm as specified in RFC 2104 [HMAC].
Given the confusion and other items for RSA I would like to see the
following done:
Note 4: The use of RSA as a signature algorithm is for historical purposes
only and does not imply that it needs to work with all message digest
algorithms. RSA (PKCS #1 v1.5) signatures using SHA-1 MUST be implemented.
RSA (PKCS #1 v1.5) signatures using MD5 SHOULD be implemented.
Russ
jim