[Smcwg-public] IETF LAMPS discussion re SMIME sample certs
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Thu Jun 3 07:27:15 UTC 2021
This might also be useful:
* https://ianix.com/pub/ed25519-deployment.html
On 3/6/2021 10:03 AM, Dimitris Zacharopoulos (HARICA) wrote:
>
>
> On 3/6/2021 12:40 AM, Corey Bonnell wrote:
>>
>> Do we know which mail clients support EdDSA? Fleshing out the SBRs
>> with the relevant bits from RFC 8410 seems straightforward enough,
>> but I’m wondering if it won’t be used in practice due to lack of
>> client application support.
>>
>
> Section 2.2 of RFC8551 (S/MIME 4.0) states that receiving agents MUST
> support EdDSA with curve25519 using PureEdDSA mode and sending agents
> MUST support at least one of the following algorithms: ECDSA with
> curve P-256 and SHA-256, or EdDSA with curve25519 using PureEdDSA mode.
>
> Additionally, section 2.3 states that both sending and receiving
> clients MUST support ECDH ephemeral-static mode for X25519 using
> HKDF-256 for the KDF.
>
> Therefore, we (HARICA) believe that the BRs should not be a blocking
> factor for innovation by prohibiting the use of a modern, secure
> cryptographic algorithm. I guess it's a chicken-egg problem. If there
> are blocking factors, nobody will attempt to implement. Obviously I
> don't have any strong feelings at this time, just thought to share
> HARICA's thoughts with the larger group.
>
>
> Dimitris.
>
>
>> Thanks,
>>
>> Corey
>>
>> *From:* Smcwg-public <smcwg-public-bounces at cabforum.org> *On Behalf Of* Dimitris Zacharopoulos (HARICA) via Smcwg-public
>> *Sent:* Wednesday, June 2, 2021 5:36 AM
>> *To:* smcwg-public at cabforum.org
>> *Subject:* Re: [Smcwg-public] IETF LAMPS discussion re SMIME sample certs
>>
>>
>> I would recommend allowing EdDSA in the S/MIME BRs.
>>
>> Dimitris.
>>
>> On 18/5/2021 4:12 PM, Stephen Davidson via Smcwg-public wrote:
>>
>> FYI – a selection of text SMIME certs, and related discussion.
>>
>> https://mailarchive.ietf.org/arch/msg/spasm/ZJi4W5vYuOf-pzL-TBGUV419yM4/
>>
>> This draft is a work item of the Limited Additional Mechanisms
>> for PKIX and SMIME WG of the IETF.
>>
>> Title : S/MIME Example Keys and Certificates
>> Author : Daniel Kahn Gillmor
>> Filename : draft-ietf-lamps-samples-03.txt
>> Pages : 36
>> Date : 2021-05-14
>>
>> Abstract:
>> The S/MIME development community benefits from sharing samples of
>> signed or encrypted data. This document facilitates such
>> collaboration by defining a small set of X.509v3 certificates and
>> keys for use when generating such samples.
>>
>> The IETF datatracker status page for this draft is:
>>
>> https://datatracker.ietf.org/doc/draft-ietf-lamps-samples/
>>
>