attachment
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body dir="auto">
Wow, thanks for finding this! I’m sure that enterprises would prefer using S/MIME. We should definitely review this and work to restore S/MIME in TRUSTNOONE if we believe it is appropriate.<br>
<br>
<div dir="ltr"><span style="background-color: rgba(255, 255, 255, 0);">Cheers,</span>
<div><span style="background-color: rgba(255, 255, 255, 0);">Smith</span>
<div><span style="background-color: rgba(255, 255, 255, 0);">---</span></div>
<div><span style="background-color: rgba(255, 255, 255, 0);">Smith Kennedy</span></div>
</div>
<div><span style="background-color: rgba(255, 255, 255, 0);">smith.kennedy@hp.com</span></div>
<div><span style="background-color: rgba(255, 255, 255, 0);"><br>
</span></div>
</div>
<div dir="ltr"><br>
<blockquote type="cite">On Apr 21, 2021, at 4:28 AM, Michael Sweet via ipp <ipp@pwg.org> wrote:<br>
<br>
</blockquote>
</div>
<blockquote type="cite">
<div dir="ltr"> All,<br>
<br>
Somehow we missed this, but the IETF published an update to S/MIME in April of 2019:<br>
<br>
<a href="https://tools.ietf.org/html/rfc8551">https://tools.ietf.org/html/rfc8551</a><br>
<br>
Among other things, this update addresses the EFAIL cryptographic vulnerability in S/MIME by adding support for some new cipher suites with Galois/Counter Mode (GCM) instead of the old (insecure) Cipher Block Chaining (CBC) mode.<br>
<br>
Using S/MIME bring the advantage that it shares most of the infrastructure that is already in place for TLS, particularly when it comes to trusting a third party. PGP depends on the "web of trust" for this and may not be as attractive to some.<br>
<br>
Thoughts?<br>
<br>
________________________<br>
Michael Sweet<br>
<br>
<br>
<br>
_______________________________________________<br>
ipp mailing list<br>
ipp@pwg.org<br>
<a href="https://www.pwg.org/mailman/listinfo/ipp">https://www.pwg.org/mailman/listinfo/ipp</a><br>
</div>
</blockquote>
</body>
</html>