On Mon, Aug 15, 2016 at 2:27 PM, Russ Housley <housley(_at_)vigilsec(_dot_)com>
wrote:
Quan:
I do not think that we can change the DEFAULT value associated with these
OIDs. Changing the meaning of an absent aes-ICVlen will result in too many
interoperability problems.
Yeah, I'm aware of it and I understand your concern.
However, we could put out a very short RFC that updates RFC 5084 to
recommend the use of 16 octet authentication tags in all situations.
Thanks for doing this :) It's SGTM.
Are you willing to help write?
If you need opinion or having (security-wised) questions, I'm here to
answer yours. I can't help with writing because English is not my native
language and I'm not good at writing English ( this is the skill that I'm
trying to improve).
Russ
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime