RE: I-D ACTION:draft-ietf-smime-sha2-08.txt
In para 2, I'll remove the paragraph that starts "There are two possible
encodings for the SHA AlgorithmIdentifier ..." and I'll change the last
paragraph in 2 from:

   The AlgorithmIdentifier parameters field is OPTIONAL. If present,
   the parameters field MUST contain a NULL. Implementations MUST
   accept SHA2 AlgorithmIdentifiers with absent parameters.
   Implementations MUST accept SHA2 AlgorithmIdentifiers with NULL
   parameters. Implementations SHOULD generate SHA2
   AlgorithmIdentifiers with absent parameters.

To:

   The AlgorithmIdentifier parameters field is OPTIONAL.
   Implementations MUST accept SHA2 AlgorithmIdentifiers with absent
   parameters. Implementations MUST accept SHA2 AlgorithmIdentifiers
   with NULL parameters. Implementations MUST generate SHA2
   AlgorithmIdentifiers with absent parameters.

I'll post a new version Monday and I think we'll re-do a WGLC with a
one-week period. This will give implementers with experience time to
chime in.
spt
>-----Original Message-----
>From: owner-ietf-smime@xxxxxxxxxxxx
>[mailto:owner-ietf-smime@xxxxxxxxxxxx] On Behalf Of Blake Ramsdell
>Sent: Friday, October 03, 2008 10:05 PM
>To: Turner, Sean P.
>Cc: Jim Schaad; ietf-smime@xxxxxxx
>Subject: Re: I-D ACTION:draft-ietf-smime-sha2-08.txt
>
>
>On Fri, Oct 3, 2008 at 2:09 PM, Turner, Sean P.
><turners@xxxxxxxx> wrote:
>> 1. I was just following the conventions for SHA-1. I take it you're
>> suggesting we should break with those conventions?
>
>This is something we debated back in the DSA days. The bottom
>line is that we were younger and dumber back in the 90's for
>AlgorithmIdentifier, and now we know that the parameters are
>an optional field. So the bottom line is that new algorithms
>should be absent parameters instead of encoded as NULL.
>
>From RFC 2633:
>
>2.2 SignatureAlgorithmIdentifier
>
> Sending and receiving agents MUST support id-dsa defined in [DSS].
> The algorithm parameters MUST be absent (not encoded as NULL).
>
>So yeah, we're kind of jerks for carting around some of this
>NULL for the older algorithms, but the rule of thumb is that
>"for any new algorithms, the parameters are absent if there
>aren't any".
>
>Blake
>--
>Blake Ramsdell | http://www.blakeramsdell.com
>
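
The rule proposed in this message (accept absent or NULL parameters, generate absent), as an added example that is not part of the thread or the draft. The function names are hypothetical, and the parser handles only the short-form DER lengths these structures need.

```python
# Added illustration: DER handling of SHA2 AlgorithmIdentifier parameters.
# OID content octets for 2.16.840.1.101.3.4.2.x (NIST hash algorithms).
SHA2_OIDS = {
    "sha224": bytes.fromhex("608648016503040204"),
    "sha256": bytes.fromhex("608648016503040201"),
    "sha384": bytes.fromhex("608648016503040202"),
    "sha512": bytes.fromhex("608648016503040203"),
}
DER_NULL = b"\x05\x00"

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for a short-form-length DER TLV."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80:
        raise ValueError("long-form length not expected here")
    end = pos + 2 + length
    if end > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos + 2:end], end

def encode_sha2_algid(name):
    """Generate the form the revised text requires: parameters absent."""
    oid = SHA2_OIDS[name]
    body = b"\x06" + bytes([len(oid)]) + oid
    return b"\x30" + bytes([len(body)]) + body

def parse_sha2_algid(der):
    """Accept absent or NULL parameters; reject anything else.
    Returns (name, "absent" | "null")."""
    tag, seq, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single SEQUENCE")
    tag, oid, pos = _read_tlv(seq, 0)
    if tag != 0x06:
        raise ValueError("missing algorithm OID")
    name = next((n for n, v in SHA2_OIDS.items() if v == oid), None)
    if name is None:
        raise ValueError("not a SHA2 OID")
    params = seq[pos:]
    if params in (b"", DER_NULL):
        return name, "absent" if params == b"" else "null"
    raise ValueError("unexpected parameters for a SHA2 algorithm")

def same_algorithm(a, b):
    """Compare by OID, not raw bytes, so both encodings match."""
    return parse_sha2_algid(a)[0] == parse_sha2_algid(b)[0]
```

The two encodings differ by two octets, so a receiver that compares AlgorithmIdentifiers byte-for-byte will treat them as different algorithms; comparing the parsed OID avoids that.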