ietf-smime

Re: Comments to CMS-02

1998-01-30 15:37:40
Russ,

I agree with all of your responses to my comments except for the following:

I originally stated:
3) Sec 6.2, RecipientInfo originatorCert description:  Please add "This
field should be included when the recipientInfo keyEncryptionAlgorithm field
indicates a key agreement algorithm and the originator's certificate is
omitted from the envelopedData originatorInfo field (i.e. the originator's
public key material is required as part of the process to decrypt the
encryptedKey, but the originator's certificate is not included in the
envelopedData object)." 

You responded:
I do not understand this one.  In the bag-of-certificates, the originator
may have more than one with the specified key management algorithm.  In
this case, the originator tells the recipient which one to use.  The
certificate itself is not carried here, rather an EntityIdentifier is carried:

 EntityIdentifier ::= CHOICE {
   issuerAndSerialNumber IssuerAndSerialNumber,
   subjectKeyIdentifier SubjectKeyIdentifier }

So, I do not see the change that is needed....


[JSP: Consider this example: I receive an envelopedData that includes a
recipientInfo for my D-H certificate, but the envelopedData does not include
originatorInfo and my recipientInfo does not include originatorCert.  (This
is currently allowed by CMS).  How do I identify the originator's D-H cert
from which the public D-H key must be obtained to be used to form the
pairwise key to be used to decrypt the encrypted session key???  I can't.

My point was to ensure that CMS clearly states that the originator's cert
must be present in originatorInfo or must be identified in recipientInfo
originatorCert.  I believe that my comment should be included.]


- John Pawling
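As an added illustration of the resolution rule John is asking for (this is not code from the message or from the CMS draft), a recipient-side check in Python that tries to locate the originator's key-agreement certificate from what the envelopedData carries. The dict layout, the `dh` label standing in for a key-agreement algorithm identifier, and the sample certificates are constructed assumptions:

```python
# Added example, not part of the message or of the CMS draft: a recipient-side
# check for the gap described in the thread. Structures are simplified dicts that
# mirror the names used above (envelopedData, originatorInfo, recipientInfo,
# originatorCert as an EntityIdentifier CHOICE).

KEY_AGREEMENT_ALGS = {"dh"}  # constructed label standing in for a key-agreement OID


def entity_matches(entity_id, cert):
    """True if an EntityIdentifier CHOICE value names this certificate."""
    if "issuerAndSerialNumber" in entity_id:
        ias = entity_id["issuerAndSerialNumber"]
        return cert["issuer"] == ias["issuer"] and cert["serial"] == ias["serial"]
    if "subjectKeyIdentifier" in entity_id:
        return cert.get("ski") == entity_id["subjectKeyIdentifier"]
    raise ValueError("unknown EntityIdentifier alternative")


def locate_originator_cert(enveloped, recipient_info, local_store=()):
    """Return the originator certificate needed to form the pairwise key,
    or None when the envelopedData does not let the recipient identify it."""
    if recipient_info["keyEncryptionAlgorithm"] not in KEY_AGREEMENT_ALGS:
        return None  # key transport: no originator key material is needed
    bag = list(enveloped.get("originatorInfo", {}).get("certificates", []))
    bag += list(local_store)  # certificates the recipient already holds
    originator_cert = recipient_info.get("originatorCert")
    if originator_cert is not None:
        # Russ's case: the originator names which of several certs to use.
        for cert in bag:
            if entity_matches(originator_cert, cert):
                return cert
        return None
    # No originatorCert: unambiguous only if exactly one key-agreement cert exists.
    candidates = [c for c in bag if c["alg"] in KEY_AGREEMENT_ALGS]
    return candidates[0] if len(candidates) == 1 else None


# Constructed sample certificates (not real data)
DH_CERT_A = {"issuer": "CN=Orig CA", "serial": 1, "ski": b"\x01", "alg": "dh"}
DH_CERT_B = {"issuer": "CN=Orig CA", "serial": 2, "ski": b"\x02", "alg": "dh"}


def john_case():
    """John's example: no originatorInfo and no originatorCert -> cannot identify."""
    env = {"recipientInfos": [{"keyEncryptionAlgorithm": "dh", "encryptedKey": b"?"}]}
    return locate_originator_cert(env, env["recipientInfos"][0])


def russ_case():
    """Two key-agreement certs in the bag; originatorCert selects the right one."""
    env = {"originatorInfo": {"certificates": [DH_CERT_A, DH_CERT_B]}}
    ri = {"keyEncryptionAlgorithm": "dh",
          "originatorCert": {"subjectKeyIdentifier": b"\x02"}}
    return locate_originator_cert(env, ri)
```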
