Len Sassaman rabbi@quickie.net
Fri Dec 7 19:30:01 2001

On Fri, 7 Dec 2001, Simon Josefsson wrote:

> > Another point to note, of course, is that there is no way to prevent
> > people from using 40 bit encryption when sending S/MIME messages to you,
> > due to a number of technical mistakes in the S/MIME standard.
> There is no way to prevent people from using 0 bit encryption (that
> is, when they forget to push the "encrypt" button) when sending
> PGP/MIME messages to you either.

Yes, but at least the user is aware of this.

> A good S/MIME enabled mailer would never use weak crypto.

Define "good". I tend to think of "good" as "complying with standards",
and in that sense, all good S/MIME implementations would use weak crypto.

Let's assume, however, that your client doesn't use 40 bit keys. You still
have no control over what type of S/MIME enabled mailer I am using. If I
am using one that defaults to 40 bit, you can't do anything about it.

Contrast this with OpenPGP (which never had 40 bit crypto in the first
place) which lets the public key owner exclude individual ciphers from
being used. If I don't trust CAST5, I can instruct all OpenPGP clients
never to use it when encrypting to my key.

If S/MIME had that sort of functionality, the fact that it requires
support for 40 bit crypto would not be so dangerous.

> I don't think S/MIME is dumb, so if you can prove me wrong I will
> learn something, so please dig it up. :-)

Okay, then. It's on the other laptop... will look.