[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Corrected Samples for Examples-07 I-D

To: "Pawling, John" <John.Pawling@xxxxxxxxxxxxxxxx>
Subject: Re: Corrected Samples for Examples-07 I-D
From: "Life is hard, and then you die" <ronald@xxxxxxxxxxxxxx>
Date: Sat, 21 Apr 2001 16:18:32 -0700
Cc: "SMIME Examples List (E-mail)" <ietf-smime-examples@xxxxxxx>, "Colestock, Robert" <Robert.Colestock@xxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-smime-examples/mail-archive/>
List-id: <ietf-smime-examples.imc.org>
List-unsubscribe: <mailto:ietf-smime-examples-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime-examples@xxxxxxxxxxxx

On Fri, 6 Apr 2001 at 15:18:30 -0400, John Pawling wrote:
> 1) We corrected the SFL to use the id-dsa-with-sha1 OID for DSA signatures
> as specified in RFC 2630, Section 12.2.1.  New samples including the
> corrected OID are provided for sections 5.1, 5.3, 5.4, 5.6, 5.7, 5.10, 11.1,
> 11.3, 11.4, 11.5, 11.6.  Note: We generated new samples for all DSA-signed
> messages including those submitted by Jim Schaad, because we (and others)
> could not verify the signature of Jim's DSA-signed messages.

I can successfully verify the signatures on all these now (except for
Diane's sig on 5.6, as we don't support parameter inheritance).

> 2) We corrected the SFL to properly implement the following requirement as
> specified in RFC 2630, Section 12.3.1: "For key agreement of RC2
> key-encryption keys, 128 bits must be generated as input to the key
> expansion process used to compute the RC2 effective key [RC2]."  New
> corrected samples are provided for sections 6.3, 6.7, 6.9, 6.10.  The sample
> for section 6.7 also included the correct KEKRecipientInfo version value
> (4).  

Ok, I can successfully decrypt all these now, except for 6.7 which I
haven't tested yet.

Note that 6.4, 6.5, and 6.8 all still have the wrong OId in the
KeyEncryptionAlgorithmIdentifier.

> 3) We were unable to use the BobPrivRSAEncrypt private key included in the
> Examples-06 document.  We are providing a new BobPrivRSAEncrypt private key
> that can be used to decrypt the sample 6.2 message included in the
> Examples-06 document.  We are also providing a new BobRSASignByCarl
> certificate.  

Umm, this is getting confusing. For one, the key and certificate you
just provided are identical to those in the examples-06 document. The
correct key however can be found in
http://www.imc.org/ietf-smime-examples/mail-archive/bin00002.bin .
Using this I can decrypt 6.2, 6.3, and 6.9.

OTOH, I can't verify Bob's signature 11.2 - was that perchance
generated using the key from examples-06?

  Cheers,

  Ronald

Follow-Ups:
- Re: Corrected Samples for Examples-07 I-D
  - From: Dr S N Henson

Prev by Date: RE: Signed Receipts using Outlook Express
Next by Date: Re: Corrected Samples for Examples-07 I-D
Previous by thread: Corrected Samples for Examples-07 I-D
Next by thread: Re: Corrected Samples for Examples-07 I-D
Index(es):
- Date
- Thread