All,
I must say I for one prefer Chris Bonatti's original proposal, purely from the
perspective of the current
protocol. Without it, a small slip in implementation seems to open up some
very undesirable possibilities,
IMHO. The proposal closes that door.
However, I can understand the backward compatibility arguments, and I'm
prepared to go with the flow
on this.
Tim Dean
----------------------------------------------------
----------
From: David P. Kemp [SMTP:dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil]
Sent: Wednesday, March 04, 1998 5:46 PM
To: ietf-smime(_at_)imc(_dot_)org
Subject: Re: Tolerance on Message Digest Attribute
All,
I agree with Eric that the proposals to omit the message digest attribute
from the transmitted signedData object do not enhance security and do create
a needless incompatibility between S/MIME v3 and v2 implementations.
- John Pawling
I'm willing to accept either outcome; I just want to achieve closure,
and give potential non-S/MIME users of CMS (in particular Tim Dean and
the European community) one last chance to weigh in on the issue.