ietf-smime
[Top] [All Lists]

Re: [smime] HTTP Encrypted Content-Encoding

2015-04-01 18:43:31
On 1 April 2015 at 14:12, Paul Hoffman <paul(_dot_)hoffman(_at_)vpnc(_dot_)org> 
wrote:
In particular, I think that CMS encrypted types might be useful here to give 
them more flexibility than what they have now, and so they don't eventually 
have to reinvent a bunch of CMS. It also might be overkill. Thoughts?

It was an explicit goal to NOT have flexibility in addition to what is
provided by content-encoding negotiation.  That is, if
chacha20-poly1305 was considered categorically better, a new
content-encoding would be needed and support for it negotiated using
the mechanisms that HTTP provides.

If envelopedData works well for them, great; if not, let's be sure to help 
them avoid pitfalls.

When I looked at this, it was not apparent that CMS was capable of
supporting the streaming use case.  That meant defining new algorithms
and OIDs for an algorithm that did support that.

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime