Here are my thoughts in return.
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Paul
Hoffman / IMC
Sent: Monday, August 20, 2001 9:16 AM
To: jimsch(_at_)exmsft(_dot_)com; 'Housley, Russ'; ietf-smime(_at_)imc(_dot_)org
Subject: RE: WG Last Call: cmsalg
A few notes on Jim's comments.
At 10:39 PM -0700 8/19/01, Jim Schaad wrote:
1. Introduction: CMSALG cannot have a protocol requirement on CMS.
lowercase MAY statements in the first paragraph of the introduction.
Disagree. The "MAY" vs "may" here indicates references into this
document, not external documents. By using "MAY", this is made
[JLS] Given what the statements actually say, I don't think that a
protocol based MAY is very appropriate. You MAY do this. You MAY do
other things also. I would not have the first idea of how to write a
test case for this as a protocol statement. While I understand that
MAYs do not have to be tested, if you were to test this statement how
would you go about doing so?
3. Section 3.2: The paragraph "CMS implementations that support ..."
be removed. This is a protocol statement on CMS not CMSALGs.
Disagree. This paragraph shows a linkage between RSA and SHA-1, which
is perfectly reasonable.
[JLS] I would agree with a statement that says: "Implementations of RSA
(PKCS #1 v1.5) signature algorithm MUST implement the SHA-1 message
8. Section 4.4, Para 2: This contains a MUST on CMS. It needs to be
Disagree for same reason above.
[JLS] Again, what is the test case (this is a MUST)? Do you mean that I
cannot have a CMS implementation that supports password based key
management but does not support PBKDF2? There are no other mandatory
algorithm implementations in this document. This one should not be
--Paul Hoffman, Director
--Internet Mail Consortium
--- regards - jim