Dear S/MIME WG:
At the face-to-face meeting in London last week, there was strong consensus
that the CMS not specify any mandatory to implement algorithms. I just
sent the rfc2630bis and cmsalg I-Ds that implement this decision.
This means that all protocols that employ the CMS MUST specify their own
mandatory to implement algorithms.
Dear S/MIME WG:
A few weeks ago, Jim Schaad submitted a simple comment on
draft-ietf-smime-rfc2630bis-00. Jim wrote:
2. I have a severe problem with the following text "However, implementations
of the CMS MUST support the mandatory to implement algorithms specified in
[CMSALG], or its successor." It is my belief that this statement should be
removed for the following reasons:
a) This violates the letter and spirit of the IETF process rules for
pushing documents to standards. In my opinion if this becomes a standard
then CMSALG must also be a standard. Also if CMSALG is reset to draft, so
must this draft. The words "MUST support" are extremely normative.
b) If I create a toolkit or other system and publish that I am STD [CMS]
conformant, it does not make sense that by updating the set of required
algorithms I lose conformance to that standard. I was compliant, I lose
compliance through no action of mine. This argues that a new standard
number should be applied.
c) The reasoning behind not having a MUST for certificates is even more
strongly applicable here. While certificates and hierarchies can move
between different applications (thus making the argument that application
spaces should mandate algorithms a somewhat odd argument), that is not the
case with CMS objects. If S/MIME and CMS/SET were to specify that
different content encryption algorithms be required, there are no
interactions between the spaces. An S/MIME message would never be consumed
(successfully) by a CMS/SET application nor would one expect it to be used.
From this standpoint I think that not requiring a MUST on algorithms from
CMS makes sense.
I have discussed this issue with both of the Security Area Directors. Only
one thing is clear: we cannot have a MUST statement that references
"[CMSALG], or its successor."
If we were to achieve Full Standard status with the specification that we
are working on, then changing the mandatory to implement algorithm would
reset the status of the updated protocol to Proposed Standard. I expect
such a change at some point, probably to change the mandatory cipher from
Triple-DES CBC to AES CBC.
There are other protocols besides S/MIME that are using CMS. If CMS has
mandatory to implement algorithms, then many of the interoperability issues
are handled by a simple reference. On the other hand, if CMS does not
include any mandatory to implement algorithms, then each reference must
As many of you know, I am arguing for a common set of cryptographic
algorithms throughout the IETF Security Area. Having each CMS referee
specify their own set of algorithms does not support this objective.
What do others think?