<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
This might also be useful:<br>
<ul>
<li><a class="moz-txt-link-freetext" href="https://ianix.com/pub/ed25519-deployment.html">https://ianix.com/pub/ed25519-deployment.html</a></li>
</ul>
<br>
<div class="moz-cite-prefix">On 3/6/2021 10:03 AM, Dimitris
Zacharopoulos (HARICA) wrote:<br>
</div>
<blockquote type="cite"
cite="mid:23ecf65c-2879-92a4-9835-91c971a16d83@harica.gr">
<br>
<br>
<div class="moz-cite-prefix">On 3/6/2021 12:40 AM, Corey Bonnell
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:DM6PR14MB2186B383CBC3C78B8FA29D47923D9@DM6PR14MB2186.namprd14.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal">Do we know which mail clients support
EdDSA? Fleshing out the SBRs with the relevant bits from RFC
8410 seems straightforward enough, but I’m wondering if it
won’t be used in practice due to lack of client application
support.</p>
</div>
</blockquote>
<br>
Section 2.2 of RFC8551 (S/MIME 4.0) states that receiving agents
MUST support EdDSA with curve25519 using PureEdDSA mode and
sending agents MUST support at least one of the following
algorithms: ECDSA with curve P-256 and SHA-256, or EdDSA with
curve25519 using PureEdDSA mode. <br>
<br>
Additionally, section 2.3 states that both sending and receiving
clients MUST support ECDH ephemeral-static mode for X25519 using
HKDF-256 for the KDF.<br>
<br>
Therefore, we (HARICA) believe that the BRs should not be a
blocking factor for innovation by prohibiting the use of a modern,
secure cryptographic algorithm. I guess it's a chicken-egg
problem. If there are blocking factors, nobody will attempt to
implement. Obviously I don't have any strong feelings at this
time, just thought to share HARICA's thoughts with the larger
group.<br>
<br>
<br>
Dimitris.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:DM6PR14MB2186B383CBC3C78B8FA29D47923D9@DM6PR14MB2186.namprd14.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal">Corey<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Smcwg-public <a
class="moz-txt-link-rfc2396E"
href="mailto:smcwg-public-bounces@cabforum.org"
moz-do-not-send="true">&lt;smcwg-public-bounces@cabforum.org&gt;</a>
<b>On Behalf Of </b>Dimitris Zacharopoulos (HARICA) via
Smcwg-public<br>
<b>Sent:</b> Wednesday, June 2, 2021 5:36 AM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated"
href="mailto:smcwg-public@cabforum.org"
moz-do-not-send="true">smcwg-public@cabforum.org</a><br>
<b>Subject:</b> Re: [Smcwg-public] IETF LAMPS discussion
re SMIME sample certs<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
I would recommend allowing EdDSA in the S/MIME BRs.<br>
<br>
Dimitris.<o:p></o:p></p>
<div>
<p class="MsoNormal">On 18/5/2021 4:12 PM, Stephen
Davidson via Smcwg-public wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">FYI – a selection of text SMIME certs,
and related discussion.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><a
href="https://mailarchive.ietf.org/arch/msg/spasm/ZJi4W5vYuOf-pzL-TBGUV419yM4/"
moz-do-not-send="true">https://mailarchive.ietf.org/arch/msg/spasm/ZJi4W5vYuOf-pzL-TBGUV419yM4/</a><o:p></o:p></p>
<p class="MsoNormal">This draft is a work item of the
Limited Additional Mechanisms for PKIX and SMIME WG of the
IETF.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Title
: S/MIME Example Keys and Certificates<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Author
: Daniel Kahn Gillmor<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Filename
: draft-ietf-lamps-samples-03.txt<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Pages
: 36<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Date
: 2021-05-14<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Abstract:<o:p></o:p></p>
<p class="MsoNormal"> The S/MIME development community
benefits from sharing samples of<o:p></o:p></p>
<p class="MsoNormal"> signed or encrypted data. This
document facilitates such<o:p></o:p></p>
<p class="MsoNormal"> collaboration by defining a small
set of X.509v3 certificates and<o:p></o:p></p>
<p class="MsoNormal"> keys for use when generating such
samples.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">The IETF datatracker status page for
this draft is:<o:p></o:p></p>
<p class="MsoNormal"><a
href="https://datatracker.ietf.org/doc/draft-ietf-lamps-samples/"
moz-do-not-send="true">https://datatracker.ietf.org/doc/draft-ietf-lamps-samples/</a><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>