[{"author": "Marc Blanchet", "text": "<p>we can hear you</p>", "time": "2026-03-05T14:01:32.000Z"}, {"author": "Marc Blanchet", "text": "<p>@debra have you verified your devices during the check</p>", "time": "2026-03-05T14:02:01.000Z"}, {"author": "Asger Smidt", "text": "<p>Debra, your mic just triggered, but nothing was said, is that correct?</p>", "time": "2026-03-05T14:06:38.000Z"}, {"author": "Marc Blanchet", "text": "<p>Debra, might be related to device permissions from the browser. Maybe try another browser (that might not have the same config/restrictions)</p>", "time": "2026-03-05T14:07:39.000Z"}, {"author": "Andrew Newton", "text": "<p>Good morning!</p>", "time": "2026-03-05T14:08:09.000Z"}, {"author": "Andrew Newton", "text": "<p>There are multiple ways to solve this. DNS, etc... or perhaps ./well-known which is probably more natural to this ecosystem</p>", "time": "2026-03-05T14:43:58.000Z"}, {"author": "Andrew Newton", "text": "<p>Agree with Marc... this a versioning issue.</p>", "time": "2026-03-05T14:46:06.000Z"}, {"author": "Asger Smidt", "text": "<p>Exact same issue, yes ;-)</p>", "time": "2026-03-05T14:48:47.000Z"}, {"author": "Russ Housley", "text": "<p>AES-128-GCM needs to be MUST support to be compatible with S/MIME 4.0</p>", "time": "2026-03-05T14:50:08.000Z"}, {"author": "Asger Smidt", "text": "<p>FWIW, I have never seen anybody request AES-128 for AS2, but quite a few for AES-256.</p>", "time": "2026-03-05T14:50:28.000Z"}, {"author": "Russ Housley", "text": "<p>The email community has not deployed S/MIME 4.0 yet either</p>", "time": "2026-03-05T14:51:50.000Z"}, {"author": "Asger Smidt", "text": "<p>Our own AS2 framework supports AES-256(CBC), but not AES-128.</p>", "time": "2026-03-05T14:51:52.000Z"}, {"author": "Russ Housley", "text": "<p>RSA-OAEP is an improvement over RSA PKCS#1 v1.5, but it has not seen much adoption.  I recommend pushing for Elliptic Curve instead.</p>", "time": "2026-03-05T14:57:16.000Z"}, {"author": "Andrew Newton", "text": "<p>Gotta run. Thanks to everyone for these good discussions. And thanks to the Chairs for facilitating this meeting.</p>", "time": "2026-03-05T14:59:49.000Z"}, {"author": "Asger Smidt", "text": "<p>The problem is that the spec has not been updated for more than 20 years. The first step should be to get the current reality of the AS2 landscape under some semblance of standardization. That would be a spec for 1.3. THEN we can create a 2.0 spec, which deprecates all the old things. I feel that the current approach is to try to do both at once, and I fear that this will be extremely detrimental to adoption.</p>", "time": "2026-03-05T15:10:01.000Z"}, {"author": "Marc Blanchet", "text": "<p>agree with @Asger</p>", "time": "2026-03-05T15:10:39.000Z"}, {"author": "Marc Blanchet", "text": "<p>the risk is that we may start putting new stuff in 1.3, because we know the old stuff is just broken. and other risk is wg energy is working on something not really \"helping\"</p>", "time": "2026-03-05T15:12:28.000Z"}, {"author": "Asger Smidt", "text": "<p>I think putting new stuff in is fine, because the industry has already put a lot of new stuff in, specifically hash and encryption algorithms. The problem is pulling all the old stuff out at the same time, leaving zero overlap for the interim period, and making transitioning from the old to the new almost impossible.</p>", "time": "2026-03-05T15:15:03.000Z"}, {"author": "Murali Panidepu", "text": "<p>2.0 is better as after 20 years of RFC4130</p>", "time": "2026-03-05T15:18:56.000Z"}]