I do not think that we can change the DEFAULT value associated with these
OIDs. Changing the meaning of an absent aes-ICVlen will result in too many
Yeah, I'm aware of it and I understand your concern.
However, we could put out a very short RFC that updates RFC 5084 to
recommend the use of 16 octet authentication tags in all situations.
Thanks for doing this :) It's SGTM.
Are you willing to help write?
smime mailing list