Picking up on this errata ... > On Apr 13, 2021, at 11:00 AM, Michael Richardson <[email protected]> > wrote: > > > Rob Wilton \(rwilton\) <[email protected]> wrote: >> Stephane or Warren can probably can correct me as a butcher the >> explanation, but ... >> ... I think that the issue is that the appendix is given as sequence of >> steps to follow, and in Step 1 (A.1), the certificate is generated >> using an elliptical curve algorithm, which means that by the time that >> you get to the step in A 2.2 ,the openssl command fails because openssl >> doesn't allow you to S/MIME encrypt with the certificate generated in >> A.1 that is based on an elliptic curve algorithm. > >> The solution to fix this would be to change the type of algorithm used >> in Step 1 (A.1) to RSA, in which case this step would succeed. > > That's one way to do it. > ECIES would also work, but maybe openssl CMS can't do that. > > Given that > a) it's non-normative example. > b) in practice doing this with openssl shell commands is not a good solution > (error handling, database access, etc.) > > I suggest that we acknowledge the error (should use RSA), but that there > isn't a simple text change.
That cannot be done as part of the errata. Reject the errata?? Cheers. > > > -- > Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) > Sandelman Software Works Inc, Ottawa and Worldwide > > > > Mahesh Jethanandani [email protected]
_______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
