RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS to Proposed Standard

["Jim Schaad" <jimsch@nwlink.com>]

It would be called that I missed that issue on the IDEA draft since I was
still fixated over the fact that the encodings in the draft was wrong and
had not looked at the higher level.  Additionally, since I reviewed them at
different times, I did not have the same critiera all of the time. (I
suppose I should write it down so that I am more consistant :)

jim

> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Jim Schaad
> Sent: Friday, June 23, 2000 1:10 PM
> To: Carlisle Adams; 'Blake Ramsdell'
> Cc: ietf-smime@imc.org
> Subject: RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS
> to Proposed Standard
>
>
> This is still my position.  If, for a D-H key, you make the statment that
> CAST128 is supported as a bulk algorithm, then you must support
> the CAST128
> wrap of CAST128 because that is the only way of doing it.
>
> jim
>
> > -----Original Message-----
> > From: owner-ietf-smime@mail.imc.org
> > [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Carlisle Adams
> > Sent: Tuesday, June 20, 2000 7:19 AM
> > To: 'Blake Ramsdell'
> > Cc: 'ietf-smime@imc.org'
> > Subject: RE: Last Call: Use of the CAST-128 Encryption Algorithm in CMS
> > to Proposed Standard
> >
> >
> > Hi Blake,
> >
> > Good to hear from you again!
> >
> > > ----------
> > > From: 	Blake Ramsdell[SMTP:blake.ramsdell@tumbleweed.com]
> > > Sent: 	Monday, June 19, 2000 4:14 PM
> > > To: 	'ietf-smime@imc.org'
> > > Subject: 	RE: Last Call: Use of the CAST-128 Encryption Algorithm in
> > > CMS to Proposed Standard
> > >
> > > Two comments, don't know if they're major.
> > >
> > > 1. Section 3 does not list an SMIMECapability for key wrapping
> > using IDEA,
> > > only for symmetric encryption.  Don't know if that was intended.
> >
> > I suspect that you mean "CAST-128" above, rather than "IDEA"...
> >
> > In any case, I originally had both OIDs here (symm. encryption and key
> > wrapping), but in a note posted on Nov. 18, 1999, Jim Schaad
> included the
> > following comment:
> >
> > "2.  Section 3 Para 1.  You state that you must include the
> above OIDs in
> > the symmetric algorithms section of capabilities, but only one
> of the oids
> > is a symmetric algorithm.  At the
> > current time we are "implying" the key wrap from the symmetric
> > algorithm as
> > only same key wrap is supported in CMS.  Please change to the
> correct OID
> > reference."
> >
> > So, I took out the key wrap OID and left only the one for symmetric
> > encryption.
> >
> > > 2. I think that the example in section 3 should clarify that the
> > > cast5CBCParameters are encoded with the iv omitted.
> >
> > I guess it seemed clear to me that if you were only advertising your
> > capabilities (in this case, symmetric algorithm and key length),
> > an IV would
> > be irrelevant and would therefore be omitted.  If you wish,
> however, I can
> > add a sentence to this effect when the document has been approved
> > and I get
> > the 1-day window to send any tiny edits to the RFC editor.  Let
> me know if
> > you really think this is necessary.
> >
> > Thanks for taking the time to look through this draft!
> >
> > Carlisle.
> >
> >
>
>