- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Mon, 3 Sep 2001 10:46:30 +0300
- To: "'merlin'" <merlin@baltimore.ie>
- Cc: "Xml Encrypt (E-mail)" <xml-encryption@w3.org>
Merlin replied to me, > The KM function is a standard mechanism used by ANSI 9.42 (and others) > and from there by IETF documents (e.g., RFC 2631) <skip> I did not mean to protest against the particular KM function. My complaint was that the KM function should not be `burned in` the spec as there may be reasons, such as a possible future crypto weakness in the particular KM construction, for people to prefer another KM function. Furthermore I noted that the KM function should be part of the AgreementMethod. Indeed RFC 2631 defines a particular key agreement method (Diffie-Hellman of course) and therefore the fact he defines the KM construction there is exactly in line with my suggestion. So... > >My proposed solution, as I indicated above, is simply to > have this aspect > >covered by the AgreementMethod and removed from the spec. Best, Amir Herzberg
Received on Monday, 3 September 2001 03:46:58 UTC