Thanks to Eric for the excellent spec.
Just one brief point.
This spec suggests that the ephemeral key may be the same for several
messages and that under such circumstances a separate pubInfo MUST be
used with each message (2.3). pubInfo coming from ukm in CMS.
However in the CMS the two ES examples given (12.3.1.1 [err there are
two section 12.3.1.1's: typo?]) state that ukm must be absent.
Personally I'd prefer it if ukm was allowed with CMS rather than banning
it from X942.
Steve.
--
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant.
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: shenson(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk
PGP key: via homepage.