All,
I agree with Jim Schaad's issuer/serialNumber authenticated attribute
proposal because:
1) I agree that it meets a valid requirement because it is certainly
possible to have multiple certs containing the same public key material.
2) It provides the flexibility to bind the signer's cert (via the
issuer/serialNumber) with the signed data without forcing the signer to
always include the signer's cert in the signedData object. In other words,
if the signer knows that the recipient already has the signer's cert, then
the signer should not be forced to send the signer's cert in the signedData.
3) It is backwards compatible with S/MIME v2 legacy software because the
legacy software will ignore the new attribute, but it can still verify the
signedData signature.
================================
John Pawling
jsp(_at_)jgvandyke(_dot_)com
J.G. Van Dyke & Associates, Inc.
================================
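
The three points in the message above, as an added example that is not part of the original message or of any S/MIME implementation: two constructed certificates share one public key, and a signed issuer/serialNumber attribute lets the verifier tell which one the signer meant. Toy textbook RSA stands in for the real signature algorithm, and `Cert`, `sign`, `verify` and the flattened attribute encoding are hypothetical names and formats chosen for illustration.

```python
import hashlib
from dataclasses import dataclass

# Toy textbook RSA (no padding) built from two Mersenne primes: illustration only.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

@dataclass(frozen=True)
class Cert:                       # constructed stand-in for an X.509 certificate
    issuer: str
    serial: int
    public_key: tuple             # (n, e)

def _digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def _signed_input(content: bytes, cert_id) -> bytes:
    # What the signature covers: the content digest plus, when present,
    # the issuer/serialNumber attribute (assumed encoding, not real DER).
    attrs = hashlib.sha256(content).hexdigest()
    if cert_id is not None:
        attrs += "|issuer=%s|serial=%d" % cert_id
    return attrs.encode()

def sign(content: bytes, cert_id=None) -> dict:
    sig = pow(_digest(_signed_input(content, cert_id), N), D, N)
    return {"content": content, "cert_id": cert_id, "sig": sig}

def verify(msg: dict, cert: Cert, understands_attr: bool = True) -> bool:
    n, e = cert.public_key
    expected = _digest(_signed_input(msg["content"], msg["cert_id"]), n)
    if pow(msg["sig"], e, n) != expected:
        return False              # signature does not verify under this key
    if msg["cert_id"] is None or not understands_attr:
        return True               # no binding present, or legacy verifier ignores it
    return msg["cert_id"] == (cert.issuer, cert.serial)

# Two constructed certificates that carry the same public key (point 1).
CERT_A = Cert("CN=Example CA 1", 1001, (N, E))
CERT_B = Cert("CN=Example CA 2", 77, (N, E))

if __name__ == "__main__":
    plain = sign(b"approve order 42")
    bound = sign(b"approve order 42", (CERT_A.issuer, CERT_A.serial))
    print(verify(plain, CERT_A), verify(plain, CERT_B))    # no attribute: either cert fits
    print(verify(bound, CERT_A), verify(bound, CERT_B))    # attribute pins CERT_A (point 2)
    print(verify(bound, CERT_B, understands_attr=False))   # legacy verifier still checks sig (point 3)
```

The certificate itself never travels in the message dictionary; only its issuer/serial pair is signed, which is what lets the signer omit the cert when the recipient already holds it.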