I believe that all of the discussion over the past almost 2 weeks has
identified 3 technical issues, to which I would like to add one, making
4. One refers to the Security Multiparts document and 3 refer to the
PEM/MIME document.

I'm going to state the 4 technical issues here. I'm then going to send
a separate note for each issue to this mailing list and assert a working
group position. If you disagree with the position you MUST send a note
to the pem-dev mailing list with an explanation of why you think the
position is incorrect. NOTE, UNANIMITY IS NOT REQUIRED; ONLY ROUGH
CONSENSUS. So, if you disagree with a position or agree with someone
else's disagreement, YOU MUST SAY SO.

In order that the documents may be revised in a timely fashion and then
submitted to the Working Group Chair, Steve Kent, for a last call, there
will be a 48 hour timeout on sending a message of disagreement.

If I've overlooked a technical issue please send me a note and I'll take
care of it right away.

SECURITY MULTIPARTS DOCUMENT

1. Suggestion to remove the protocol parameter
It was observed that the protocol parameter may provide only
redundant information depending on the architecture of the MIME/PEM
implementation.

PEM/MIME DOCUMENT

1. Suggestion to require key selector to be the public key
Currently the key selector may be chosen arbitrarily (within
specified functional constraints) by the owner of a public
key. It has been suggested this generality is unnecessary and puts
undue burden on implementors.

2. Suggestion to canonicalize text line breaks prior to encryption
Currently the specification requires the line break canonicalization
for the digital signature service but not for the encryption service.
It was pointed out that MIME should handle the necessary
canonicalization for encryption.

3. Suggestion to use hex encoding for all key selectors (THIS IS NEW)
Currently the specification requires that when the serial number of a
certificate is used as a key selector, it should be hex encoded. All
other key selectors are base64 encoded.

Thanks,
Jim