The IESG has approved the following document: - 'Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection' (draft-ietf-lamps-cms-update-alg-id-protect-05.txt) as Proposed Standard
This document is the product of the Limited Additional Mechanisms for PKIX and SMIME Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-update-alg-id-protect/ Technical Summary This document updates the Cryptographic Message Syntax as specified in RFC 5652 to ensure that algorithm identifiers in signed-data and authenticated-data content types are adequately protected. It does so by making two changes: requiring that the originator use the same hash algorithm to compute the digest of the message content and the digest of signed attributes, and recommends that the originator use the CMSAlgorithmProtection attribute [RFC6211]. Working Group Summary There is consensus for this document in the LAMPS WG. Document Quality Nothing of note arose during the review of the document. This updated CMS guidance is not yet being implemented. Personnel Tim Hollebeek is the document shepherd. Roman Danyliw is the responsible area director. _______________________________________________ IETF-Announce mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-announce
