Receipts vs. SignedData

It appears that, when creating/verifying SignedData, one processes the
content being signed differently, depending on if it is a Receipt or not. 
I.e., non-receipts are processed per the CMS spec, while receipts digest
the received message followed by the Receipt structure (the Receipt is all
that actually appears in the inner content).  So the messageDigest
attribute in the Receipt case is not just a digest of the content.

Is there some other way to do this so SignedData is always processed the
same?  E.g. include a digest of the original message in the Receipt
structure or as an additional authenticated attribute?  (Of course these
mechanisms just prove the recipient has the message digest, not the actual
message :-)

Regards,
Rich

<Prev in Thread]	Current Thread	[Next in Thread>
Receipts vs. SignedData, Rich Ankney <= RE: Receipts vs. SignedData, Larry Layten Re: Receipts vs. SignedData, Rich Ankney RE: Receipts vs. SignedData, Blake Ramsdell Re: Receipts vs. SignedData, Rich Ankney RE: Receipts vs. SignedData, Trevor Freeman RE: Receipts vs. SignedData, John Pawling Re: Receipts vs. SignedData, Rich Ankney Re: Receipts vs. SignedData, John Pawling Re: Receipts vs. SignedData, Rich Ankney RE: Receipts vs. SignedData, Blake Ramsdell

Previous by Date:	ESS-00 countersignature Comment, John Pawling
Next by Date:	RE: Receipts vs. SignedData, Larry Layten
Previous by Thread:	ESS-00 countersignature Comment, John Pawling
Next by Thread:	RE: Receipts vs. SignedData, Larry Layten
Indexes:	[Date] [Thread] [Top] [All Lists]