All,

The "Enhanced Security Services for S/MIME" Internet Draft (ESS-00)
describes the process of an originator requesting signed receipts and a
recipient returning signed receipts. There can be multiple SignerInfos
present within a SignedData object. Each SignerInfo can include
authenticatedAttributes. Therefore, a single SignedData object may include
multiple SignerInfos, each of which includes a receiptRequest attribute. I
believe that this should be allowed and should be documented in the ESS.

For example, suppose an originator desires to send a signed message requesting
signed receipts to a set of users composed of RSA-only and DSA-only users.
The originator's software can include one SignerInfo that includes an RSA
signature value and a receiptRequest attribute. The same SignedData object
could include another SignerInfo that includes a DSA signature value and a
receiptRequest attribute. In this example, the RSA-capable recipients would
return an RSA signed receipt to the originator and the DSA-capable
recipients would return a DSA signed receipt to the originator.

I believe that the general processing rules in ESS should state that a
receiving agent should build a signed receipt for each SignerInfo in the
SignedData object for which it verifies the signature and which requests a
signed receipt. This may result in multiple signed receipts being
constructed and returned for a single SignedData object.

I also believe that we should add a restriction that only one receiptRequest
attribute can be included in the authenticatedAttributes of a SignerInfo.

I will include specific comments to ESS-00 in a follow-up message, but I
wanted to raise this issue separately because I believe that it deserves
special attention.

================================
John Pawling
jsp(_at_)jgvandyke(_dot_)com
J.G. Van Dyke & Associates, Inc.
================================
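
The processing rule proposed in the message above, modelled as an added example (not code from ESS-00 or from the author). The `SignerInfo` class, `receipts_to_build` and the sample values are hypothetical; the `signature_ok` flag stands in for real signature verification, and skipping a SignerInfo that carries more than one receiptRequest is an assumed way of enforcing the proposed restriction.

```python
from dataclasses import dataclass, field

RECEIPT_REQUEST = "receiptRequest"  # attribute name used in the message above


@dataclass
class SignerInfo:  # hypothetical model, not an ASN.1 decoder
    sig_alg: str                 # "RSA" or "DSA" in the message's example
    signature_ok: bool           # stand-in for real signature verification
    authenticated_attrs: list = field(default_factory=list)  # (name, value) pairs


def receipts_to_build(signer_infos, supported_algs):
    """Return (receipts, skipped) for one SignedData object.

    One receipt is planned per SignerInfo that carries exactly one
    receiptRequest, uses an algorithm this agent supports, and verifies.
    """
    receipts, skipped = [], []
    for idx, si in enumerate(signer_infos):
        requests = [v for n, v in si.authenticated_attrs if n == RECEIPT_REQUEST]
        if len(requests) > 1:
            # Assumed enforcement of the proposed one-per-SignerInfo restriction.
            skipped.append((idx, "multiple receiptRequest attributes"))
        elif not requests:
            skipped.append((idx, "no receipt requested"))
        elif si.sig_alg not in supported_algs:
            skipped.append((idx, "unsupported signature algorithm"))
        elif not si.signature_ok:
            skipped.append((idx, "signature did not verify"))
        else:
            receipts.append({"signer_index": idx, "sig_alg": si.sig_alg,
                             "request": requests[0]})
    return receipts, skipped


# Constructed sample: the RSA + DSA SignedData from the message, plus one
# malformed SignerInfo carrying two receiptRequest attributes.
SAMPLE = [
    SignerInfo("RSA", True, [(RECEIPT_REQUEST, "req-rsa")]),
    SignerInfo("DSA", True, [(RECEIPT_REQUEST, "req-dsa")]),
    SignerInfo("RSA", True, [(RECEIPT_REQUEST, "a"), (RECEIPT_REQUEST, "b")]),
]

if __name__ == "__main__":
    for algs in ({"RSA"}, {"DSA"}, {"RSA", "DSA"}):
        built, _ = receipts_to_build(SAMPLE, algs)
        print(sorted(algs), "->", [(r["signer_index"], r["sig_alg"]) for r in built])
```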