The receipt mechanism in ESS appears to be based on the MSP receipt. There
are several draft standards in ANSI X9 and ASTM E31.20 (medical
informatics) that represent a receipt as a countersignature on the
originator's signature. In PKCS #7 and PKCS #9 terms, a countersignature
is just a SignerInfo which signs the encryptedDigest field in another
SignerInfo. It is carried as an unauthenticated attribute in this
enclosing SignerInfo. While I'm not proposing adding this to ESS, I was
wondering if anyone sees any problems with this approach.
Regards,
Rich