RE: WG Last Call: cmsalg

2001-08-21 09:16:04


[JLS] 3. Section 3.2: The paragraph "CMS implementations that support ..." should
be removed.  This is a protocol statement on CMS not CMSALGs.

[Paul] Disagree. This paragraph shows a linkage between RSA and SHA-1, which
is perfectly reasonable.

[JLS] I would agree with a statement that says: "Implementations of RSA
(PKCS #1 v1.5) signature algorithm MUST implement the SHA-1 message
digest algorithm."

[Russ] I am confused here.  The current text is:

   CMS implementations that support the RSA (PKCS #1 v1.5) signature
   algorithm MUST also support the SHA-1 message digest algorithm.  Such
   implementations SHOULD also support MD5 message digest algorithm.

Are you really only asking that we change "support" to "implement"?

[JLS] 8.  Section 4.4, Para 2:  This contains a MUST on CMS.  It needs to be

[Paul] Disagree for same reason above.

[JLS] Again what is the test case (this is a MUST).  Do you mean that I
cannot have a CMS implementation that supports password based key
management but does not support PBKDF2?  There are no other mandatory
algorithm implementations in this document.  This one should not be

[Russ] Here I agree with Jim. At the London meeting, we agreed that all of the algorithms listed in CMSALG would be MAY implement, and that other documents would make MUST statements. For example, the updated MSG document will reference CMSALG and make MUST statements.

I think that the updated MSG document should say that if implementations support password-based key management, then they MUST implement PBKDF2.