[Top] [All Lists]

Re: CMS-06 Comments

1998-08-04 09:53:48

One minor nit....

John Pawling writes:
The result of the MAC calculation process depends on whether the 
authenticatedAttributes field is present.  When the field is absent, 
the result is just the MAC of the content as described above.  When 
the field is present, however, the result is   the MAC of the complete 
DER encoding of the authenticatedAttributes value contained in the 
AuthAttributes field. Since the authenticatedAttributes value, when 
present, must contain the content-type and mac-value attributes, those 
values are indirectly included in the result.  A separate encoding of 
the authenticatedAttributes field is performed for MAC calculation.  
The IMPLICIT [0] tag in the authenticatedAttributes field is not used 
for the DER encoding, rather an EXPLICIT SET OF tag is used.  That is, 

I know what you mean, but "EXPLICIT SET OF" looks almost like ASN.1.
I'd suggest dropping EXPLICIT.  If it isn't clear enough, maybe we
should parenthetically state the actual tag byte (0x31).

the DER encoding of the SET OF tag, rather than of the IMPLICIT [0] 
tag, is to be included in the MAC calculation along with the length 
and content octets of the authenticatedAttributes value.


<Prev in Thread] Current Thread [Next in Thread>