One week ago I posted a note with the summary of the four outstanding
technical issues with respect to the two documents. I asserted a
working group position and asked for comments. Here is a summary of the
comments that resulted.
SECURITY MULTIPARTS DOCUMENT
1. Suggestion to remove the protocol parameter
The person who originally proposed its removal acknowledged the
usefulness of the parameter and agreed it should remain.
Since there has been no further discussion about this document it should
be advanced to the IESG for consideration as a proposed standard.
PEM/MIME DOCUMENT (I reordered this list but left the numbers the same)
2. Suggestion to canonicalize text line breaks prior to encryption
As has been reported, MIME is required to handled this so it is not
necessary for encryption.
3. Suggestion to use hex encoding for all key selectors (THIS IS NEW)
There was no further discussion on this issue so it is accepted as
stated. The document will be revised accordingly.
1. Suggestion to require key selector to be the public key
This is the only contentious issue. There are clearly individuals on
both sides of the issue. The two sides of the issue are as follows:
Represented by the authors (Steve Crocker, Ned Freed, Jim Galvin,
Sandy Murphy):
Allow the key selector to be an arbitrary value
Represented by Steve Dusse and Jeff Thomson:
Require the key selector to be the public key
Warwick Ford and Jeff Schiller has expressed explicit support for
allowing the key selector to be an arbitrary value.
Burt Kaliski proposed an alternate mechanism: include the hash of the
public key.
Several others have explicitly expressed no preference.
My interpretation of these facts is that the rough consensus of the
working group is to progress the document as specified.
At this time I believe the correct course of action is to submit the
document to the IESG for consideration as a proposed standard (revised
as indicated above).
Jim