Re: [smime] Message takeover attacks against S/MIME

On 08/03/2016 06:58, Russ Housley wrote:

I am hearing interest in these topics (a combination of things on this list 
and side conversations).

(1) Specify the way to use authenticated encryption in S/MIME.  Note that it 
is already done for CMS.

(2) Specify conventions for AES-CCM, AES-GCM, and ChaCha20 with Poly1305 
authenticated encryption algorithms.

(3) Specify conventions for using Curve25519 and Curve448 for key agreement.

(4) Specify conventions for using the CFRG chosen curves for elliptic curve 
digital signature.

(5) Specify a way to use PGP public keys in addition to PKIX certificates.

Anything else?


It would be good if "Domain-based signing and encryption using S/MIME"
(draft-melnikov-smime-msa-to-mda-04) can also be included.

Is this enough to re-charter the S/MIME WG?


I think so!

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [smime] Message takeover attacks against S/MIME, Russ Housley

Next by Date:

Re: [smime] Message takeover attacks against S/MIME, Phillip Hallam-Baker

Previous by Thread:

Re: [smime] Message takeover attacks against S/MIME, Russ Housley

Next by Thread:

Re: [smime] Message takeover attacks against S/MIME, Russ Housley

Indexes:

[Date] [Thread] [Top] [All Lists]