[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-smime-rcek-01.txt

To: Mike Just <mike.just@xxxxxxxxxxx>
Subject: Re: I-D ACTION:draft-ietf-smime-rcek-01.txt
From: Stephen Farrell <stephen.farrell@xxxxxxxxxxxx>
Date: Wed, 14 Feb 2001 10:31:03 +0000
Cc: ietf-smime@xxxxxxx
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Organization: Baltimore Technologies Ltd.
References: <>
Reply-to: stephen.farrell@xxxxxxxxxxxx
Sender: owner-ietf-smime@xxxxxxxxxxxx

Thanks Mike,

Will add words to that effect.

Stephen.

> Mike Just wrote:
> 
> Hi Stephen, Sean,
> 
> Possibly another item worth including in the Security Considerations section. Suppose MSG1 is sent
> to a set S1 of users. In the case where MSG2 is sent to only a subset of users in S1, all users
> from S1 will still be able to decrypt MSG2 (since MSG2.KEK is computed only from MSG1.CEK).  I
> don't think you intended for your solution to be used for such dynamic recipient sets, but it
> might be worth explicitly mentioning this unfortunate side-effect of key re-use in any case.
> (Might be enough to mention that the recipient lists must be the same for each message.)
> 
> Mike J.
> 
-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 881 6716
39 Parkgate Street,                     fax: +353 1 881 7000
Dublin 8.                mailto:stephen.farrell@xxxxxxxxxxxx
Ireland                             http://www.baltimore.com

References:
- RE: I-D ACTION:draft-ietf-smime-rcek-01.txt
  - From: Mike Just

Prev by Date: RE: I-D ACTION:draft-ietf-smime-rcek-01.txt
Next by Date: I-D ACTION:draft-ietf-smime-domsec-08.txt
Previous by thread: RE: I-D ACTION:draft-ietf-smime-rcek-01.txt
Next by thread: WG Last Call:draft-ietf-smime-rcek-01.txt
Index(es):
- Date
- Thread