At 3:04 PM -0700 7/24/97, Blake Ramsdell wrote:
If the micalg is mandated, then it could potentially
become impossible to convert a signedData entity to multipart/signed,
since the converter may not understand how to convert the
AlgorithmIdentifiers specified in digestAlgorithms to their micalg
string representation. Granted, the AlgorithmIdentifiers and their
micalg string mapping are defined for the two "in vogue" algorithms --
MD5 and SHA-1, so this should not be an issue for at least a little
while.
Receiving agents must expect unknown values for the micalg value and handle
them gracefully, hopefully by falling back to their two-pass checker that
relies on the inside algorithm identifier.
I think we should go to MUST, particularly since it is mandated by 1847.
--Paul E. Hoffman, Director
--Internet Mail Consortium