- From: Tom Gindin <tgindin@us.ibm.com>
- Date: Tue, 26 Nov 2002 17:09:00 -0500
- To: reagle@w3.org
- Cc: <xml-encryption@w3.org>
FIPS 197 appears to be stable. CSRC's web page for AES hasn't been updated all year. On the other hand, CMS-AES draft 5 makes no reference to RSA#1 v1.5 until the security considerations section, and IMHO there seems to be little point in using it as an intermediate reference instead of going straight to the stable RFC 2437. You could say that the two RSA variants are the ones which have been used for key transport in documents of the CMS series, of course. Tom Gindin Joseph Reagle <reagle@w3.org>@w3.org on 11/26/2002 04:23:35 PM Please respond to reagle@w3.org Sent by: xml-encryption-request@w3.org To: <xml-encryption@w3.org> cc: Subject: Editorial Details before publishing REC As we ready to publish the next version of XENC [1] and the Decryption Transform [2]: 1. We still have two questionable references. Is FIPS 197 the correct and stable specification for AES? (Any updates?) AES NIST FIPS 197: Advanced Encryption Standard (AES). November 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf CMS-AES version 04 has expired, but we profile it for our purposes. I'm willing to update this to version 05 if someone can vouch the substantive bits that we've profiled have not changed. CMS-AES Use of the Advanced Encryption Algorithm in CMS. J. Schaad and R. Housley. Internet-Draft, January 2002. http://www.ietf.org/internet-drafts/draft-ietf-smime-aes-alg-04.txt 2. Has anyone noted any editorial problems with the bits in red in the two editorial drafts? If not, they will be the final text! <smile/> [1] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/ [2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt.html
Received on Tuesday, 26 November 2002 17:42:05 UTC