Multiple symmetric algo-encrypted data in single S/MIME message

Jim Schaad | 22 Jan 2003 07:45

RE: Multiple symmetric algo-encrypted data in single S/MIME message

Ryan,

The current CMS format used by S/MIME allows for only a single algorithm to be used for encrypting the content. While there are several different ways around this, the only ones that I consider to be practical are to either 1) send two messages as you presently do or 2) install a Domain boundry server (ala RFC 3183) to change the build encryption algorithm.

jim

-----Original Message-----
From: owner-ietf-smime <at> mail.imc.org [mailto:owner-ietf-smime <at> mail.imc.org] On Behalf Of Ryan Koh
Sent: Tuesday, January 21, 2003 10:03 PM
To: ietf-smime <at> imc.org
Subject: Multiple symmetric algo-encrypted data in single S/MIME message

Hi

My organisation users need to communicate with 2 groups of users, on different S/MIME secure mail systems. The problem lies in them using different symmetric algorithms for data encryption. I am assessing possibility of building a single mail client to compose and send S/MIME messages to selected users on both nets, at the same time (i.e. at one sending operation). This means that there would logically be 2 sets of encrypted blobs in the S/MIME message sent out, but I am not sure if this is supported in S/MIME format.

The easy way out of course is to send out the same mails twice separately, to users of each group, as what we are doing now. This however is neither efficient nor elegant.

Any suggestion/recommendation would be greatly appreciated.

Thanks

Ryan Koh

With Yahoo! Mail you can get a bigger mailbox -- choose a size that fits your needs