On Thursday, April 16, 1998 6:21 AM, jsp(_at_)jgvandyke(_dot_)com
[SMTP:jsp(_at_)jgvandyke(_dot_)com] wrote:
Furthermore,
CMS should mandate that each individual authenticatedAttribute MUST be
DER-encoded when it is transmiited, but the SET OF
authenticatedAttributes
need not be ordered as per DER when they are transmitted." In other
words,
the authenticatedAttributes can be transmitted in any order and the
receiving software MUST ensure that they are ordered as per DER before
digesting them to verify the signature.
Got it. The text from the minutes is:
Russ stated that his initial position is to
mandate DER-encoding of the authenticatedAttributes. This solves the
problem
stated by Darren, because the receiving agent can simply hash over the
transmitted DER-encoded authenticatedAttributes without decoding and
re-encoding them. This issue will be resolved through messages on the
S/MIME
mail list.
Which indicates that Russ's position is that the entire
authenticatedAttributes MUST be DER encoded on transmission, which was
the reason for my original post. I would think that this would be the
version that went into the draft.
Personally, I like the version that's in the minutes (unless I am
misinterpreting them) -- mandate that the entire authenticatedAttributes
be DER encoded.
Is there a good reason to have the authenticatedAttributes at the sender
in DER format for the purpose of calculating the signature, and then
reorder them to put them in the message? It seems like that would not
be useful, unless there was a deliberate ordering that the sender was
trying to impress (which flies in the face of using a SET, of course).
And in the event that we mandate DER encoding on transmission, I propose
that receiving agents MUST NOT attempt to recode the attributes as DER.
I may have missed something, however.
Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103 Fax +1 425 882 8060