Re: [Fwd: I-D ACTION:draft-ietf-smime-3851bis-09.txt]
Sean Turner <turners@ieca.com> Thu, 23 April 2009 20:53 UTC
Message-ID: <49F0D2E4.3060909@ieca.com>
Date: Thu, 23 Apr 2009 16:43:16 -0400
From: Sean Turner <turners@ieca.com>
To: ietf-smime@imc.org
Subject: Re: [Fwd: I-D ACTION:draft-ietf-smime-3851bis-09.txt]
References: <49E4E4D9.5000208@ieca.com> <49EDBC74.6010102@ieca.com>
In-Reply-To: <49EDBC74.6010102@ieca.com>

I did receive some comments on this draft at the last second. Two were on the key size text:

- SHOULD- on 1024-bit DSA key ought to be SHOULD

- In 4.3:
    1023 <= key size <= 2048 : MUST
  needs to be
    1024 <= key size <= 2048 : MUST
  (this is the same rationale as for 3850bis)

The 1st one I think is a good suggestion because SHOULD- on a key size doesn't seem to make much sense to me especially in the light of DSA with SHA-256 being a SHOULD+. The 2nd one is editorial because we can't have two different requirements for the same key size.

I also received some other non-key size related comments:

- RSA-PSS should be replaced with RSASSA-PSS

- RSA-OAEP should be replaced with RSAES-OAEP

- RSASA-PSS in references should be RSASSA-PSS

- Change noted to 3.2.2 not implemented and should also be applied to 3.6 (replace encrypted with enveloped)

- Rephrase the last sentence in the 2nd para of 2.3:

  OLD: As AES 128 CBC is the mandatory to implement content encryption algorithm thus, when DH ephemeral-static is supported, AES-128 key wrap algorithm MUST also be supported.

  NEW: As AES-128 CBC is the mandatory to implement content encryption algorithm, the AES-128 key wrap algorithm MUST also be supported when DH ephemeral-static is used

- Rephrase 1st sentence in 4th of Security Considerations

  OLD: The choice of 2048 bits as the RSA asymmetric key size in this specification is based on the desire to provide 100 bits of security.

  NEW: The choice of 2048 bits as the RSA asymmetric key size in this specification is based on the desire to provide 112 bits of security.

All but the last I consider editorial and will incorporate. For the last one, instead of replacing 100 with 112 I'd like to make it say "at least 100 bits of security". I think this is what we intended though technically a 2048-bit key size does offer 112 bits of security.

Unless there's strong objections to these resolutions I'll post a new version of this ID Friday afternoon for Tim to continue processing.

spt

Sean Turner wrote:
>
> To date, I have received no comments on this version of the ID.
>
> spt
>
> Sean Turner wrote:
>> This ID incorporates comments necessary to resolve IESG DISCUSSES, one
>> IETF LC comment I missed, and incorporates key size text from our Area
>> Directory. The changes were in some cases significant and as a result
>> I'm asking for a one week comment period that will end 22 April 2009 @
>> 8am EST.
>>
>> spt
>
>