Liaison statement
Follow-up on Cryptographic Message Syntax communications

We have previously submitted a liaison [1] in reference to the  Cryptographic
Message Syntax (CMS) [RFC5652] in which we recommended that if new work on CMS
is felt to be needed, the best place to do that is in the IETF.  This ensures
interaction with the active community of editors, developers, and users of that
technology.

In your response to our earlier liaison statement, you said two things.

 First:
"ITU-T SG17, Security, thanks IETF Security Area for the liaison response about
our draft Recommendation ITU-T X.cms. The main reason for the development of
X.cms is to have an ITU-T Recommendation containing all the ASN.1 modules which
are needed to implement Cryptographic Message Syntax with no obsolete ASN.1
features like “ANY DEFINED BY”. For ITU-T to make references,  we need CMS with
ASN.1 specifications conform to the in force  Edition of Rec. ITU-T X.680
series."

    You seem to be unaware of the work in 2010 that produced modern ASN.1
    modules for CMS [RFC5911].

Second:
"We decided to postpone the Consent of draft Recommendation ITU-T  X.cms to
have the time to investigate the possibility to have an  updated IETF RFC that
fulfils our requirements. Our ASN.1 experts offer to participate in the work on
producing that IETF RFC."

    We note that the particular change proposed by [2] ("signcryption") could
    be done in a backwards compatible and interoperable manner and also seems
    to overlap with ISO 29150:2011 [3].  We remain open to discussions about
    such a collaboration.

Regards,
Stephen Farrell/Kathleen Moriarty
IETF Security Area Directors

References:
[RFC5652] https://www.rfc-editor.org/rfc/rfc5652.txt
[RFC5911] https://www.rfc-editor.org/rfc/rfc5911.txt
[1] https://datatracker.ietf.org/liaison/1294/
[2]https://datatracker.ietf.org/liaison/1396/
[3] http://www.iso.org/iso/catalogue_detail.htm?csnumber=45173