[Top] [All Lists]

Re: I-D ACTION:draft-ietf-sip-smime-aes-00.txt

2003-03-10 18:08:57

----- Original Message -----
From: "Russ Housley" <housley(_at_)vigilsec(_dot_)com>
To: "Peterson, Jon" <jon(_dot_)peterson(_at_)neustar(_dot_)biz>
Cc: <ietf-smime(_at_)imc(_dot_)org>
Sent: Tuesday, March 11, 2003 7:28 AM
Subject: RE: I-D ACTION:draft-ietf-sip-smime-aes-00.txt


CMS no longer includes any mandatory to implement algorithms.  This was
done so that each application could assign the best algorithms for their

For S/MIME version 3.1, the mandatory to implement encryption algorithm is
Triple-DES.  I do not expect this to change.  However, there has been
discussion about making AES a SHOULD implement algorithm.  The "Use of AES
with CMS" specification is finally nearly finished.  This is intended to
send a message to implementors that AES will probably become a MUST
implement algorithm in the future.  At that time, AES would become MUST
Triple-DES would become SHOULD (to preserve interoperability with old

Is backwards interoperability considered a SHOULD? I would think that it's
important enough to make it a MUST (at least for decryption of old


<Prev in Thread] Current Thread [Next in Thread>