It's not clear to me that there is consensus on this path (unfortunately,
there seemed to be no reaction on either side to this email) as reflected in
the latest version of the Charter.
I'd like to re-iterate Robert's concerns (from his e-mail of 04/19/2002) and
ask the fundamental question: Why are we even considering KEM when we
already have a sufficient solution with OAEP?
Mike
-----Original Message-----
From: Housley, Russ [mailto:rhousley(_at_)rsasecurity(_dot_)com]
Sent: Wednesday, April 24, 2002 5:14 PM
To: ietf-smime(_at_)imc(_dot_)org
Subject: RE: Charter Update
Is the WG consensus that RSA-OAEP, RSA-KEM, and AES should be in separate,
independent documents. This would allow AES to be used with any of the key
management techniques?
Russ