ietf-smime
[Top] [All Lists]

Re: CMS-03 Comments

1998-02-23 11:42:33
John Pawling wrote:

Phil,

Maintaining backwards compatibility with PKCS #7 v1.5 is an important goal
of many of the S/MIME WG members.  Your suggestion makes sense, but it
breaks backwards compatibility with PKCS #7 v1.5 (which uses "SET OF").


Understood, and I know we've had this discussion before.
Just wanted to look it over one last time in light of the
differences that already exist between UnAuthAttributes
and

   AuthAttribute ::= SEQUENCE { 
      type       OBJECT IDENTIFIER, 
      critical   BOOLEAN DEFAULT FALSE, 
      values     SET OF AttributeValue } 

though I understand the reasoning here. Seems to me like 
a relatively minor change since it only impacts a tag.

Phil

================================
John Pawling
jsp(_at_)jgvandyke(_dot_)com
J.G. Van Dyke & Associates, Inc.
================================

At 09:18 AM 2/23/98 -0500, asn1(_at_)mindspring(_dot_)com wrote:
If authenticated attributes are to be DER encoded, they
will be subject to the sorting rules required to assure
that they are unique if a SET is used. This may lead to
unanticipated results, including interoperabilty problems.

If we are free to do as we wish here in redefining types,
I would much prefer to see

  AuthAttributes ::= SEQUENCE OF AuthAttribute

used instead. It would allow senders to explicitly
control the order of the AuthAttribute components,
and would offer less processing overhead.

Phil


-- 
Phillip H. Griffin         Griffin Consulting
asn1(_at_)mindspring(_dot_)com        ASN.1-SET-Java-Security
919.828.7114               1625 Glenwood Avenue
919.832.7008 [mail]        Raleigh, North Carolina 27608 USA
------------------------------------------------------------
          Visit  http://www.fivepointsfestival.com
                 http://www.five-points.com
------------------------------------------------------------

<Prev in Thread] Current Thread [Next in Thread>