ietf-smime
[Top] [All Lists]

RE: 'Signature Purpose' attribute?

1998-03-20 11:39:23
I am still unclear what this is really trying to solve.
It truly sounds like it is trying to do simple workflow. I also think is
adds little to what is possible within the cms specification as is.
If Alice sends a signed message to Bob. If Bob truly wants to show the
sequence, that he is a reviewer and has seen the document after Alice, the
originator, then he does not add a new signer info structure to the existing
layer with some attribute, but adds a new signed data envelope. Bob now
cannot be a originator because his signature has been added after Alice's.
What is important in this case is the sequence, that is signature should be
added with new envelopes to show they are in series, not some other
authenticated attribute.
As a matter of principal, I do not see that this kind of extension should be
part of the base CMS specification. I would far prefer we get CMS finished,
then we add new functionality by new standards as we are doing with ESS.
Nothing which is being discussed here impacts the base CMS specification.
This new functionality can be worked on in parallel and debated in parallel,
so there should be minimal time impact.
I would like to keep a strong focus on finishing CMS.
Trevor

-----Original Message-----
From: dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil 
[SMTP:dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil]
Sent: Friday, March 20, 1998 6:26 AM
To:   ietf-smime(_at_)imc(_dot_)org
Subject:      Re: 'Signature Purpose' attribute?


From: jsp(_at_)jgvandyke(_dot_)com (John Pawling)

In summary, I believe that the example should be removed because it
causes
confusion. 

That's OK with me.

Someone (I can guess who :-) will need to write up a concrete chunk of
text for inclusion in CMS.  The proposal isn't quite useable as is,
but the needed wordsmithing and merger with Tim's original text should
be minor.

Rich Ankney, do you have any opinions on how easily the X9.45 and ASTM
purposes would fit into the proposed framework?  Are the four basic
purposes sufficient?

Trevor Freeman, Michael Warner and others, do you have any comments on
the latest proposal?