Thanks, Paul, for taking the draft document this far. Let the fun begin!
Section 1.3.4:
The attribute names should reflect the name associated with the attribute
OID, not the syntax of the attribute value. In general, this means that
the named attribute should begin with a lower case letter. So, I suggest
these changes:
ContentHints -> contentHints
ReceiptRequest -> receiptRequest
SecurityLabel -> securityLabel
Also, I don't believe that (signed?) ContentIdentifier and
EncapsulatedContentType are intended to be used as attributes. They're
part of the receiptRequest attribute and are copied to a Receipt structure.
If I missed something on this point then the OIDs for these "attributes" are
missing...
Section 2.10
The last line of the DirectoryString definition includes an extra double
quote character (") after the closing brace.
Section 3.2
An OID for the securityLabel attribute is missing.
Section 4.3
The syntax for EntityIdentifier is missing. When I wrote the first cut
at this text we put this definition in the EnvelopedData2 spec that Russ
Housley was writing, but it ought to be included here for completeness.
EntityIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber, -- From PKCS #7
subjectKeyIdentifier KeyIdentifier }
KeyIdentifier ::= OCTET STRING
----->
Scott Hollenbeck (mailto: hollenbe(_at_)east(_dot_)xsis(_dot_)xerox(_dot_)com)
Xerox Special Information Systems
Arlington, Virginia, USA