From: "Phillip M Hallam-Baker" <pbaker(_at_)verisign(_dot_)com>
I agree with Eric.
If a cannonical encoding is important then it is probably
necessary to avoid ASN.1 at all costs, DER is simply too
great an overhead for the functionality provided.
I would rephrase that to say "it is probably necessary to avoid
SET OF at all costs".
However, those of us who wanted to base S/MIME on PKCS#7 v2 were
overruled by those who wanted backward compatibility with v1.5.
A non-ASN.1 solution would fail the backward compatibility test
just as surely as a DER-friendly solution :-).
I agree with the rest of what Phil says, but still believe that the
spec should be silent on receiver reordering. When it comes time to
point fingers, it will be easy to demonstrate who's transmitter is
noncompliant.