Re: WG Last Call:draft-ietf-smime-rcek-01.txt

Stephen Farrell <stephen.farrell@baltimore.ie> Tue, 27 February 2001 11:52 UTC

Message-ID: <3A9B8DD2.560BB367@baltimore.ie>
Date: Tue, 27 Feb 2001 11:21:54 +0000
From: Stephen Farrell <stephen.farrell@baltimore.ie>
Reply-To: stephen.farrell@baltimore.ie
Organization: Baltimore Technologies Ltd.
X-Mailer: Mozilla 4.72 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: jimsch@exmsft.com
CC: ietf-smime@imc.org
Subject: Re: WG Last Call:draft-ietf-smime-rcek-01.txt
References: <000401c0a04c$60c7f650$1500a8c0@soaringhawk.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>

Hi Jim,

[...]
> What I
> would like to see is a discussion of when a protocol should use the proposed
> method rather than one of the above suggested methods.

Ok - how about adding this to section 2: "There are other ways that could
be envisaged to establish the required symmetric keying material, e.g.
by leveraging a group keying scheme or by defining a content type
that contains a KEK value. Although this scheme is much simpler than generic 
group key management, if an implementation already supports group key 
management then this scheme doesn't add value. This scheme is also 
suitable for inclusion in CMS libraries (though the addition of new state
might be a problem for some implementations), which can offer some 
advantages over application layer (e.g. where the content includes the KEK)
schemes."

Definitely needs wordsmithing, but is that the type of thing you mean?

> > > 5.  Section 3.  What is the default value of CEKMaxDecrypts if it is not
> > > present?

> The two values that I thought of immediately are either 1 or infinite.  Of
> the two I would probably go with 1 and insist that you do continuous
> chaining.

One is fine then. Will add.

> > > 6.  Section 4.  First, the CE algorithm and the KE
[...]
> 
> I would like to see the phrase "using the same underlying cryptographic
> operation" added somehow.  I could argue that MARS and AES use the same
> format and size of keying material and they are of similar strength.  Do you
> want to be using the byte swapping in this case as well?

Fair point. Will add that.

> 
> > > 9.  Appendix A.  --<<IMPLICIT??>>-- should be removed or fixed
> >
> > Well, which do you prefer in this case? I'm not sure.
> 
> For your module it makes absolutely no difference as there is no tagging
> contained in the module.

Phew! (I just hate tags:-)

> > > 12.  Please add comments to the effect of what goes into each of the fields
> > > and that there is an association between the pairs as OID attribute value.
[...]
> I don't expect that the ASN.1 module will stay with the i-d.  I often take
> out the modules and save them on their own.  It is useful to be able to scan
> the ASN when I am decoding messages without having to resort to reading the
> entire draft.

Well...I agree it's somewhat useful, but I also think it's marginal and in the 
worst case misleading (too abbreviated). However, since it's not worth getting 
hung up about this, I'll add comments like those in CMS.

Stephen.

-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 881 6716
39 Parkgate Street,                     fax: +353 1 881 7000
Dublin 8.                mailto:stephen.farrell@baltimore.ie
Ireland                             http://www.baltimore.com