Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS)
RFC 4010

Note: This ballot was opened for revision 02 and is now closed.

(Russ Housley) (was Discuss, Yes) Yes

(Harald Alvestrand) No Objection

Comment (2004-08-19 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
Reviewed by Mary Barnes, Gen-ART
Abstract seems overly terse.

(Steven Bellovin) No Objection

(Margaret Cullen) No Objection

Comment (2004-08-18 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
CMS (and SEED?) should be expanded in the title.

The requirement level for this support is unclear.  The introduction indicates that this is an optional algorithm, but later the document says:

   If users require SEED for symmetric
   encryption, it MUST be supported by the S/MIME clients on both the
   sending and receiving side, and it MUST be set in the user
   preferences.

I don't think that this "MUST" should be uppercase.  I understand that both sides would need to support the algorithm in order for it to work, but I believe that implementation is optional.  Right?

(Bill Fenner) No Objection

(Ted Hardie) No Objection

(Scott Hollenbeck) No Objection

(David Kessens) No Objection

(Allison Mankin) No Objection

(Thomas Narten) No Objection

Comment (2004-08-19 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
>    SEED is easily implemented in various software and hardware because
>    it is designed to increase the efficiency of memory storage and the
>    simplicity in generating keys without degrading the security of the
>    algorithm.

Not sure what "increase the efficiency of memory storage" is supposed
to mean. Later, I assume it is meant "takes less memory to implement
than other algorithms". Might be good to just say that.

>    Especially, it has been evaluated and also considered
>    cryptographically secure by trustworhty organizations such as ISO/IEC
>    JTC 1/SC 27 and Japan CRYTEC (Cryptography Reasearch and Evaluation
>    Comittees) [ISOSEED][CRYPTEC].

s/trustworthy// ? "trustworthy" is a value judgement; not clear this
sort of document should be using such words for describing organizations.

(Jon Peterson) No Objection

Comment (2004-08-16 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
Given that this document specifies the use of the SEED algorithm for various operations, it seems a little odd that there is no normative reference to a specification of SEED. It also appears that draft-park-seed has expired.

(Bert Wijnen) No Objection