ietf-smime

Re: AuthenticatedData in CMS

1998-09-28 08:52:18
Russ,

The scenario I had envisioned here was one in which the sender had no
certificates, just an out-of-band authentication token from the
recipient, but no other information about the recipient.

After multiple emails with Brian Korver, the solution seemed to be to
use AuthenticatedData with the authentication token carried in a
MailListRecipientInfo.

Trevor

Russ Housley writes:
Trevor:

Why not use signed-data in this case?

When using a MAC, authentication is lost if the key is disclosed.

Russ

At 02:02 PM 9/11/98 -0500, Trevor Sosebee wrote:
Suppose an entity wants to use an AuthenticatedData structure as a
generic way to carry authenticated data, and does not care who the
recipient is or has no knowledge of the recipient's credentials at the 
time of creation. It seems there should be a way to do this with no
such knowledge, but since RecipientInfos is required to exist and contain
at least one RecipientInfo, there seems to be no way around the problem.

At the very least, could the requirement that RecipientInfos be present
be relaxed to possibly contain no RecipientInfo?

Trevor
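
An added example, not part of the original thread or of the CMS specification: a Python model of the arrangement discussed above, in which the out-of-band token is the key-encryption key that carries a per-message MAC key in a single RecipientInfo. It also shows Russ's point that anyone holding the key can produce a valid MAC. Assumptions: the token is a 32-byte random secret, the structure is a plain dict rather than DER, HMAC-SHA256 is the MAC, and the key wrap is a simplified stand-in; all function and field names are hypothetical.

```python
import hashlib
import hmac
import os

def _pad(kek: bytes, nonce: bytes) -> bytes:
    # Stand-in for a real key-wrap algorithm (assumption, not the CMS wrap).
    return hmac.new(kek, b"wrap" + nonce, hashlib.sha256).digest()

def wrap_mac_key(kek: bytes, mac_key: bytes) -> dict:
    """Model of a RecipientInfo carrying the MAC key encrypted under the token."""
    nonce = os.urandom(16)
    enc = bytes(a ^ b for a, b in zip(mac_key, _pad(kek, nonce)))
    return {"kekId": "constructed-token-id", "nonce": nonce, "encryptedKey": enc}

def unwrap_mac_key(kek: bytes, ri: dict) -> bytes:
    return bytes(a ^ b for a, b in zip(ri["encryptedKey"], _pad(kek, ri["nonce"])))

def _mac(mac_key: bytes, content: bytes) -> bytes:
    return hmac.new(mac_key, content, hashlib.sha256).digest()

def build_authenticated_data(kek: bytes, content: bytes) -> dict:
    mac_key = os.urandom(32)  # fresh per-message MAC key
    return {"recipientInfos": [wrap_mac_key(kek, mac_key)],
            "macAlgorithm": "hmac-sha256",
            "content": content,
            "mac": _mac(mac_key, content)}

def verify(kek: bytes, ad: dict) -> bool:
    if not ad["recipientInfos"]:
        return False  # no RecipientInfo: nothing to recover the MAC key from
    mac_key = unwrap_mac_key(kek, ad["recipientInfos"][0])
    return hmac.compare_digest(_mac(mac_key, ad["content"]), ad["mac"])

def remac_as_key_holder(kek: bytes, ad: dict, new_content: bytes) -> dict:
    # Any holder of the token can compute a valid MAC over different content, so
    # the MAC shows "made by someone holding the key", not "made by the sender".
    mac_key = unwrap_mac_key(kek, ad["recipientInfos"][0])
    return dict(ad, content=new_content, mac=_mac(mac_key, new_content))

if __name__ == "__main__":
    token = os.urandom(32)  # constructed out-of-band token
    ad = build_authenticated_data(token, b"constructed message")
    print(verify(token, ad), verify(token, remac_as_key_holder(token, ad, b"x")))
```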
