[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-impp-im - Common Profile for InstantMessaging (CPIM)
At 10:38 PM -0400 8/6/03, Steven M. Bellovin wrote:
In message <200307241803.OAA18923@ietf.org>, IESG Secretary writes:
Last Call to expire on: 2003-06-27
Please return the full line with your position.
Yes No-Objection Discuss Abstain
Steve Bellovin [ ] [ ] [ ] [ ]
draft-ietf-impp-cpim-msgfmt
Why isn't it using S/MIME or CMS used? The problem statement
sounds about the same.
(I'd really like Russ to see these documents; he's the S/MIME
expert.)
In section 4 of draft-ietf-impp-im, this covers the use of s/mime and
cms:
When end-to-end security is required, the message operation MUST use
MSGFMT, and MUST secure the MSGFMT MIME body with S/MIME [8], with
encryption (CMS EnvelopeData) and/or S/MIME signatures (CMS
SignedData).
Is this needed in draft-ietf-impp-cpim-msgfmt as well, or is there something
else needed entirely?
draft-ietf-impp-pres-03.txt
draft-ietf-impp-im-03.txt
S/MIME AES has been published as an RFC. (Fixable with an
RFC editor note.)
Thanks for catching this.
Ted
--Steve Bellovin, http://www.research.att.com/~smb