Since I did not attend the last meeting in Chicago, I just wanted to
suggest that I though it would be more appropriate to add this new ESS
section 5 on "Signing Certificate Attribute" in CMS instead of ESS.
However, I do agree that CMS should not be held up because of this.
Instead, could a forward pointer be added in Section 11 of CMS to these
other useful attributes that are only defined in ESS?
This would result in the following changes to Section 11 of CMS:
OLD: "This section defines attributes that may used with signed-data or
authenticated-data. Some of these attributes were originally defined in
PKCS #9 [PKCS #9], others are defined and specified here. The attributes
are not listed in any particular order."
NEW: "This section defines attributes that may be used with signed-data or
authenticated-data. Some of these attributes were originally defined in
PKCS #9 [PKCS #9], others are defined and specified here. Additional
attributes are defined in the Enhanced Security Services for S/MIME [ESS],
which also include recommendations on their placement. The following
attributes are not listed in any particular order."
[ESS] would also have to be defined in the "References" Section of CMS.
Francois Rousseau
AEPOS Technologies
2. Since there was some discussions on the draft and changes were still
being made, it was not felt desirable that the CMS draft be put at risk by
this change occuring.
During the last meeting in Chicago I raised the issue of some changes needed
into it I recently sent a message on this topic.
Exactly. This is a very good reason not to put these into CMS: we really,
really don't want to hold it up.