Folks,
I think my initial concern has been misunderstood, or maybe I
misunderstood the purported benefits of the proposed mechanism.
When I asked about compatibility with existing S/MIME specs, I was not
referring to details of how the EC public key is represented in a cert,
per se.
Andrey's message on 1/4 said:
"Point compression is more beneficial for storage security for reasons
of performance and storage efficiency. For storage efficiency side: when
there are multiple recipients per message, each associated with one
ECDH-related field, it's possible for ECDH-specific payload to get
arbitrarily large for a fixed short message. For the performance argument:
*if the message was encrypted to N recipients, to decode it only one
recipient will be used, and thus the calculation of 'y' is done once but
the space is saved for N.*"
My question was whether this technique, in bold above, is compatible
with the current, normal processing for S/MIME, or whether it would
require S/MIME to operate differently (at the originator or at any
recipient) in order to reduce the overhead in the fashion alluded to
above.
I don't think that question has been answered.
Steve
_______________________________________________
IPsec mailing list
https://www.ietf.org/mailman/listinfo/ipsec
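
The trade-off in the quoted passage, as an added example that is not part of the original message or of any proposal discussed in the thread: each per-recipient field carries a compressed point, and a recipient recomputes 'y' only for its own field. The curve (NIST P-256), the SEC 1 compressed encoding and all function names are assumptions made for illustration.

```python
# Added illustration. Assumptions: NIST P-256, SEC 1 point encodings.
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
# Base point G, used here only as a sample point known to be on the curve.
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5


def on_curve(x, y):
    """True if (x, y) satisfies y^2 = x^3 + A*x + B (mod P)."""
    return (y * y - (x * x * x + A * x + B)) % P == 0


def uncompressed(x, y):
    """65 bytes: 0x04 || x || y."""
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")


def compress(x, y):
    """33 bytes: 0x02 or 0x03 (parity of y) || x."""
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def decompress(blob):
    """Recover (x, y); rejects encodings that are not points on the curve."""
    if len(blob) != 33 or blob[0] not in (2, 3):
        raise ValueError("not a compressed P-256 point")
    x = int.from_bytes(blob[1:], "big")
    if x >= P:
        raise ValueError("x out of range")
    rhs = (pow(x, 3, P) + A * x + B) % P
    y = pow(rhs, (P + 1) // 4, P)      # square root, valid since P % 4 == 3
    if y * y % P != rhs:
        raise ValueError("x is not the abscissa of a curve point")
    if (y & 1) != (blob[0] & 1):       # pick the root with the encoded parity
        y = P - y
    return x, y


def payload_sizes(n):
    """Bytes of EC point data for n recipient fields: (uncompressed, compressed)."""
    return n * len(uncompressed(GX, GY)), n * len(compress(GX, GY))


if __name__ == "__main__":
    print("10 recipients:", payload_sizes(10), "bytes (uncompressed, compressed)")
    print("one decompression recovers y:", decompress(compress(GX, GY))[1] == GY)
```
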