IETF Logo Mail Archive

Comments on draft-ietf-smime-rfc2630bis-03

"Jim Schaad" <jimsch@nwlink.com> Wed, 19 September 2001 03:53 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA09607 for <smime-archive@odin.ietf.org>; Tue, 18 Sep 2001 23:53:25 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id f8J3FDf22028 for ietf-smime-bks; Tue, 18 Sep 2001 20:15:13 -0700 (PDT)
Received: from femail35.sdc1.sfba.home.com ([24.254.60.25]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f8J3FBD22024 for <ietf-smime@imc.org>; Tue, 18 Sep 2001 20:15:11 -0700 (PDT)
Received: from revelation ([65.4.166.11]) by femail35.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010919031505.CRIV12461.femail35.sdc1.sfba.home.com@revelation>; Tue, 18 Sep 2001 20:15:05 -0700
Reply-To: jimsch@exmsft.com
From: Jim Schaad <jimsch@nwlink.com>
To: ietf-smime@imc.org, Russ Housley <rhousley@rsasecurity.com>
Subject: Comments on draft-ietf-smime-rfc2630bis-03
Date: Tue, 18 Sep 2001 20:14:42 -0700
Message-ID: <001601c140b9$39f1cd40$0c00a8c0@soaringhawk.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2526.0000
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit

Russ,


1.  The comment I had for section 3 was for 

id-ct-contentInfo  OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
     content-types(1) 6}

Not for id-contentType.  (This has come to you privately but not on the
list.)

2.  Section 5.2.1.  I don't follow the reasoning behind putting this
section in the document.  If the issue is to allow for the processing of
PKCS#7 item, then I think that information is lacking (specifically the
fact that "content" MUST be DER encoded).  At present it only allows for
parsing of the content, in some cases.  (Note that my guess is that the
current MSFT code would fail if the OID corresponded to an OCTET STRING
as it would not be able to guess which way to go.)  A better way of
doing the guessing is really to say that you look to see if you have an
OCTET STRING and assume you will have a CMS rather than a PKCS#7 object.
The problem with your current method is there is nothing to stop
somebody from creating a CMS signed data object using the same embedded
content (but OCTET wrapped).

3.  I think it is time to remove the [** NEW **] and [** OLD **]
comments so we can see a true draft for last call.

Jim

v2.23.0 | Report a Bug | By Email