RE: Receipt Request Attribute

"Jim Schaad (Exchange)" <jimsch@EXCHANGE.MICROSOFT.com> Wed, 12 May 1999 18:38 UTC

Message-ID: <2FBF98FC7852CF11912A0000000000010ECB5F4D@DINO>
From: "Jim Schaad (Exchange)" <jimsch@EXCHANGE.MICROSOFT.com>
To: "'jsp@jgvandyke.com'" <jsp@jgvandyke.com>, ietf-smime@imc.org
Cc: jsp@ajsn101.jgvandyke.com
Subject: RE: Receipt Request Attribute
Date: Wed, 12 May 1999 10:24:09 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1252"
Sender: owner-ietf-smime@imc.org
Precedence: bulk

All,

I had forgotten about the text in section 1.3.4 -- I agree that would
disallow the placment in a receipt request in a counter signature.

I also agree that I don't have a reason for doing receipt requests in
counter signatures, but I have also learned never to underestimate the
things needed by somebody in the market that I have never heard of and will
hopefully never hear from.   Given that the question was being asked I made
the assumption that Tom had some type of requirement that might require this
type of behavior.

jim


-----Original Message-----
From: jsp@jgvandyke.com [mailto:jsp@jgvandyke.com]
Sent: Wednesday, May 12, 1999 8:56 AM
To: Jim Schaad (Exchange); ietf-smime@imc.org
Cc: jsp@ajsn101.jgvandyke.com
Subject: Re: Receipt Request Attribute


All,

I respectfully disagree with Jim's reply to Tom's message.

First, ESS Section 1.3.4, Placement of Attributes, states: "The only
attributes that are allowed in a counterSignature attribute are 
counterSignature, messageDigest, signingTime, and
signingCertificates."  This means that receiptRequest attributes are
not allowed to be carried in a counterSignature attribute.

Second, IMHO, it does not make sense to request a signedReceipt for
a counterSignature.  A signedReceipt is intended to prove that a
recipient received and was able to verify the signature of the
message sent by the signer.  What would a signedReceipt prove 
for a counterSignature since the thing that is signed is not
a message, it is the originator's signature of the original message???

I do not believe that we should change ESS to allow receiptRequests 
to be included in counterSignature attributes.

- John Pawling



> 
> Tom,
> 
> My opinion on this would be:
> 
> 1.  A CounterSignature can contain a receipt request.
> 2.  The receipt request on the original SignedData and the receipt receipt
> on the CounterSignature can be different.  The requirement is that all
> receipt requests in a SignerInfo sequence be the same and a CounterSigner
> has a different SignerInfo sequence
> 
> jim
> 
> 
> -----Original Message-----
> From: Tom Kung [mailto:Tom.Kung@entrust.com]
> Sent: Monday, May 10, 1999 11:48 AM
> To: 'ietf-smime@imc.org'
> Subject: Receipt Request Attribute
> 
> 
> Gooday,
> 
> I would appreciate clarification on the following with respect to the
> Receipt Request attribute:
> 
> 1.	May a CounterSignature contain a receipt request?
> 
> 2.	If so, MUST all receipt requests in a SignedData be identical?  The
> spec specifies that all Receipt Requests be identical.  Is it the intent
> that CounterSignatures containing a receipt request MUST also be identical
> with other receipt requests if it exists?  I don't see why each
> countersignature can not have a different receipt request.
> 
> 
> thanx,tom.
>

Receipt Request Attribute Tom Kung
RE: Receipt Request Attribute Jim Schaad (Exchange)
Re: Receipt Request Attribute John Pawling
RE: Receipt Request Attribute Jim Schaad (Exchange)