On Revision 1.29:

1. Why is AES-192 optional? aes-alg-00.txt states so, but I notice that it remains an open issue in aes-alg-02.txt?

2. Referring to 3.4.3, why "<<same-document>> RetrievalMethod references"?

3. 6.1.1 and 6.1.2 is considering the case of "sign, then encrypt", right? 
Is anything being done for "encrypt, then sign"? Or is there no problem at all? 
I'm a bit lost in reading through all those previous discussions...

4. Referring to 2.1.5, why MUST encrypt <<whole>> EncryptedData and EncryptedKey and not allowed for parts?

Sorry if the above questions seem obvious... :-)

Received on Tuesday, 31 July 2001 18:07:31 UTC