Section 1.3.4 of the 18 November ESS-00 documents says that
a contentHints attribute has a "MUST BE authenticated" value
of "no". However, the OID registry found at
http://www.imc.org/ietf-smime/oids.html
Lists the id-aa-contentHint attribute under the authenticated
attributes arc. In my mind, this implies that the attribute
must be authenticated if present. Should the attribute
always be authenticated (thus requiring a change to ESS-00),
or should we add an arc for attributes that can be either
authenticated or not?
----->
Scott Hollenbeck (mailto: hollenbe(_at_)east(_dot_)xsis(_dot_)xerox(_dot_)com)
Xerox Special Information Systems
Arlington, Virginia, USA