Russ,
I think that you have not understood my ASN.1
We have
presiousley agreed that backward compatibility with PKCS#7 version 1.5 is
highly desirable. This aproach is different than PKCS#7 version 1.5.
My original draft module contained ASN.1 which I intended and still believe to
be 100% "bits on the wire identical" to PKCS#7 version 1.5 in its definition of
signatureValue. If you believe that the original module fails to achieve this
intention then please identify where you think it fails.
It was John Pawling who was arguing that the signatureValue was only required
to be compatible for RSA signatures. My revised proposal retains the "100% bits
on the wire identical to PKCS#7 version 1.5" objective in its definition of
RSASignatureValue.
We can argue all day about the depth we want to go to define the syntax.
If the syntax of the object on which the signature is computed is ill-defined
then there is considerable scope for different implementors making different
assumptions about it, resulting in interworking failures. In the current draft
of CMS that syntax is not defined at all!
Jim