RE: Review of RFC 3278 Update



Jim,

1. I think we should mandate SHA-256 and the others should be optional.

2. We should match the curves/hashes as follows:

 SHA-256 matches P-256
 SHA-384 matches P-384
 SHA-512 matches P-521

3. No reason; I missed it.

spt

>-----Original Message-----
>From: Jim Schaad [mailto:jimsch@xxxxxxxxxx] 
>Sent: Thursday, March 20, 2008 12:58 AM
>To: Sean P. Turner
>Cc: Ietf-Smime
>Subject: Review of RFC 3278 Update
>
>Sean,  a couple of comments.
>
>1.  I think you need to look at updating section 5.  Which of 
>the hash algorithms are considered to be mandatory to 
>implement for ECDSA?
>
>2.  I don't know if there is any degree of tie-in between the 
>set of ECC curves and the hash algorithms being specified.  I 
>know there are some correspondences for DSA.  I believe that 
>this should be stated either way, potentially as a security 
>consideration.
>
>3.  Is there a reason that you have not updated section 7?
>
>jim
>