S/MIME Minutes/Summary - IETF 70
3 drafts were published:
RFC5055 (ESSCertId update),
RFC 5083 (AuthEnvelopedData content type),
RFC5084 (aes-ccm/aes-gcm use of AuthEnvelopedData content type)
2 with RFC editor symkeydist and cades
3 addressing IESG LC comments rsa-kem, ibearch, bfibecms
4 active IDs:
Multiple Signatures Attribute,
SHA2 Algorithms,
S/MIME V3.2 MSG,
S/MIME v3.2 CERT
Jim Schaad discussed the Multiple Signatures Attribute draft
Only updates were to security considerations section. Consider work complete
and move to issue 4-week WG LC (accounts for holidaze)
Sean Turner discussed the SHA2 algorithms draft
The draft was updated to include object identifiers for RSA and ECDSA
algorithms. Consider work complete and move to issue 4-week WG LC
Sean Turner discussed the S/MIME v3.2 drafts
Intent of drafts is to update algorithms. Adopted IKEv2 language with
respect to MUST, SHOULD+, and SHOULD- to provide implementors more
information. Dropped RC2 support, made SHA-256 MUST, SHA-1 SHOULD-, AES 128
MUST, etc. Two comments were raised about IPR: SHA2 and ECDSA. Should we
have an IPR statement from NIST (or whoever) about SHA2? Since we made ECDSA
a SHOULD+ is there any IPR with respect to ECDSA and issuing certificates or
using it with S/MIME?
Paul Hoffman discussed draft-hoffman-cms-new-asn1-00
Developed an ID to include ASN.1 for most S/MIME WG ASN.1 modules. Moving to
support the latest ASN.1 which is made possible by the A2C compiler they
have developed. Question was whether WG should adopt the draft as a WG item.
The WG felt that it should be because a) the WG is place where S/MIME
implmentors should discuss implementation issues b) it will be listed on the
WG charter page and therefore will be easier to find. There were no
objections to adding it to the WG.
Wrap-up discussion
WG LCs will be issued for SHA2 and Mutliple Signatures.
Ask WG what key sizes should be required, track down IPR issues.
Accept ASN ID as work item.