Quan:
I do not think that we can change the DEFAULT value associated with these
OIDs. Changing the meaning of an absent aes-ICVlen will result in too many
interoperability problems.
Yeah, I'm aware of it and I understand your concern.
However, we could put out a very short RFC that updates RFC 5084 to
recommend the use of 16 octet authentication tags in all situations.
Thanks for doing this :) It's SGTM.
Are you willing to help write?
Russ
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime