The IESG has approved the following document:
- 'S/MIME AES Requirement for SIP '
draft-ietf-sip-smime-aes-01.txt as a Proposed Standard
This document is the product of the Session Initiation Protocol Working Group.
The IESG contact persons are Allison Mankin and Jon Peterson.
Technical Summary
RFC3261 currently specifies 3DES as the required minimum ciphersuite
for implementations of S/MIME in SIP. This document updates the
normative guidance of RFC3261 to require the Advanced Encryption
Standard (AES) for S/MIME.
Working Group Summary
The Working Group supported this document. It was adopted immediately
on its initial airing. It was gated by progress on S/MIME support.
Protocol Quality
General S/MIME implementation for SIP has been fairly slow to progress.
Some prototype implementations have been tested at the SIP
interoperability events, without testing their cryptography to date.
The specification was reviewed for the IESG by Allison Mankin and Russ
Housley.
RFC Editor Notes
OLD:
S/MIME implementations MUST at a minimum support RSA as a digital
signature algorithm, SHA1 as a digest algorithm, and AES as an
encryption algorithm (as specified in [4]. For key wrap, S/MIME
implementations MUST support the AES Key Wrap Algorithm ([5]).
NEW:
S/MIME implementations MUST at a minimum support RSA as a digital
signature algorithm and SHA1 as a digest algorithm [ xx], and AES as
an encryption algorithm (as specified in [yy]). For key transport,
S/MIME implementations MUST support RSA key transport as specified
in section 4.2.1 of [xx].
RFC Editor, replace [xx] with the citation number of a reference to RFC 3370
added to the Normative References. Replace [yy] with the citation number
of a reference to RFC 3565 added to the Normative References.
3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley.
August 2002.
3565 Use of the Advanced Encryption Standard (AES) Encryption
Algorithm in Cryptographic Message Syntax (CMS). J. Schaad.
July 2003.
Abstract
OLD:
required minimum ciphersuite
NEW:
mandatory-to-implement ciphersuite
Section 4
OLD:
Triples-DES
NEW:
Triple-DES
Several places: Adjust line breaks to avoid funny
line break placement -- Avoid S/ CRLF MIME
___
IETF-Announce mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf-announce