ietf-smime

Critical Attributes

1998-01-29 10:46:01
All:

There has been much discussion of attribute criticality.  It is my view
that there is consensus that the feature is needed.  Two mechanisms for the
addition of this feature have been offered.

First alternative: include a BOOLEAN in the attribute definition that
states the criticality of the attribute.  If the attribute is marked
critical and an implementation does not know how to process the attribute,
then the message must be rejected.

Second alternative: include a new attribute that lists the OIDs of all
critical attributes.

In terms of backward compatibility with S/MIME 2, these two mechanisms have
very different implications.

By defining a DEFAULT value for the BOOLEAN, all non-critical attributes
will be backward compatible.  Also, we can use the S/MIME 3 version to
indicate that critical attributes are present.  This use of version should
keep an S/MIME 2 implementation from having an ASN.1 decode error.  The
ASN.1 would be:

   Attribute ::= SEQUENCE {
     attributeType   OBJECT IDENTIFIER,
     critical        BOOLEAN DEFAULT FALSE,
     attributeValues SET OF AttributeValue }

   AttributeValue ::= ANY

On the other hand, the critical attribute list makes no change to the
syntax.  However, an S/MIME 2 implementation would simply ignore this
attribute as it would any other unsupported attribute.  So, the criticality
of the attributes would not really be imposed.

This brief analysis leads to the conclusion that the critical boolean
is a better path.  Is there consensus on this point?

Russ
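
The first alternative, as an added example that is not part of the original message: a strict-DER decoder for the proposed Attribute that applies the reject-if-critical-and-unknown rule. The function names are hypothetical and the OIDs and values are constructed test data; the encoder handles short-form lengths only.

```python
# Added example: DER handling of the proposed "critical BOOLEAN DEFAULT FALSE".

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one definite-length TLV at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def parse_attribute(der):
    """Parse SEQUENCE { OID, critical BOOLEAN DEFAULT FALSE, SET OF ANY }."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected a single SEQUENCE")
    tag, oid, pos = read_tlv(body, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    critical = False                       # DEFAULT FALSE: field absent on the wire
    tag, val, nxt = read_tlv(body, pos)
    if tag == 0x01:                        # BOOLEAN present
        if val != b"\xff":                 # DER: TRUE is 0xFF, FALSE must be omitted
            raise ValueError("non-DER critical flag")
        critical = True
        tag, val, nxt = read_tlv(body, nxt)
    if tag != 0x31 or nxt != len(body):
        raise ValueError("expected SET OF AttributeValue")
    return oid, critical, val

def disposition(der, known_oids):
    """Rule from the message: an unknown critical attribute rejects the message."""
    oid, critical, _ = parse_attribute(der)
    if oid in known_oids:
        return "process"
    return "reject" if critical else "ignore"

def encode_attribute(oid, values, critical=False):
    """Encode with short-form lengths only (enough for the samples here)."""
    flag = b"\x01\x01\xff" if critical else b""
    body = b"\x06" + bytes([len(oid)]) + oid + flag + b"\x31" + bytes([len(values)]) + values
    return b"\x30" + bytes([len(body)]) + body
```

A non-critical attribute encodes to the same bytes as the two-field S/MIME 2 syntax, because DER omits a field that holds its DEFAULT value.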
