1. Section 5.1 --- NOTE this would replace John's comment #2
Since we are now using EncapulsatedContentInfo in four different
structures, lets do a break out on the fields of it. This would allow
for the single description of the eContent field being optional which
would apply to all four locations where it is referenced.
2. Section 5.1 Since we are now octet encoding the eContent field, I
don't see any reason to say that for "external signatures" that the
content type must be id-data. Recommend we delete this sentence
3. Section 5.1 Add following sentence to description of version "If the
encapsulated content type is id-data, then the value of the version
shall be 1; however, if the encapsulated content type is other than
id-data, then the value of version shall be 3."
4. Section 5.2 paragraph describing version. There is an extra and in
the last sentence: "authenticatedAttributes and field is absent" --
remove the and
5. -Section 5.3 last paragraph. I don't think this paragraph makes
sense any more. It was refering to the content section and we no longer
DER encode content. Recommend we just delete the entire paragraph.
6. Sections 8 and 9 should have a enumerated list of the steps similar
to that in section 7 describing how to create these items.
7. I heartly second John's recommendation for adding to
authenticatedAttributes to the AuthenticatedData structure.
8. Part of my continuing fight to remove MD2 from the world. Please
remove MD2 form the list of examples in DigestAlgorithmIdentifier. If
you want a third example use RIPEMD-160.