Here are a couple of comments in addition to John's comprehensive
list of 38 changes:

1) Sec 1.1.1: The first paragraph was a bit difficult to parse.
Recommend changing it to: "Not all messages need to be triple wrapped.
Triple wrapping is used when a message must be signed, then encrypted,
and then have authenticated attributes bound to the encrypted body.
Outer attributes may be added or removed by the message originator or
intermediate agents, and may be authenticated by intermediate agents or
the final recipient."

2) Appendix A: Please add the definition of the id-ct-receipt OID to
the ASN.1 module, if the OID will not be imported from CMS or
another module. id-ct-receipt is not currently included in any of the
Internet-Drafts, nor are any of the new authenticated attributes.

It would be useful to include the OIDs for all the attributes defined
in Sec 1.3.4 in an ASN.1 module (ESS, CMS, or other), and harmonize the
name of the attribute with the name of the OID listed in the object
registry:

Attribute                 OID
------------------------  ----------------------
contentHints              id-aa-contentHint
contentIdentifier         id-aa-contentIdentifier
contentType               id-contentType
counterSignature          id-countersignature
encapsulatedContentType   (delete id-aa-encapContentType from OID registry)
messageDigest             id-messageDigest
mlExpansionHistory        id-aa-mlExpandHistory
receiptRequest            id-aa-receiptRequest
signingTime               id-signingTime
smimeCapabilities         (referenced in -msg draft, not in OID registry)
essSecurityLabel          id-aa-securityLabel
(*** add to table 1.3.4)  id-aa-msgSigDigest