[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-rfc2632bis-00.txt

2002-03-18 14:01:09

Thanks for the comments, Jim -- one quick question below.

----- Original Message -----
From: "Jim Schaad" <jimsch(_at_)nwlink(_dot_)com>
To: <ietf-smime(_at_)imc(_dot_)org>; "'Blake Ramsdell'" 
Sent: Monday, March 18, 2002 10:27 AM
Subject: RE: I-D ACTION:draft-ietf-smime-rfc2632bis-00.txt

1.  I strongly disagree that md2-with-RSA is a MUST.  I think this
should be a MAY or omitted.

On what basis you you disagree?

For compatibility, dropping MD2 may not be the best idea.  Based on a quick
evaluation of the root self-signed certificates that I have, I found 108
total certificates, 11 of which were signed with MD2 (44 were signed with
MD5, the rest with SHA-1).