"John Ross" <ross(_at_)jgross(_dot_)demon(_dot_)co(_dot_)uk> writes:

> but what about extending the choice, are you also opposed to that?

This is easy to handle in theory (just add a '...' to the ASN.1) but a bit
more difficult to handle in practice since you need some way to coordinate the
extensions of the choice (everyone can't just add their own '[n] FooInfo').
It may be possible to maintain a register of extensions, one thing I'm
(gradually) working on, if no support is added to CMS itself, is extensions to
Recipient/SignerInfo to allow it to be used with the other IETF-standardised
(or about-to-be-standardised) certificate/key formats (which I mentioned in a
previous message). At the moment this lives under the name More Enhanced
Security Services (MESS) for S/MIME, I've had a fair bit of comment on this
from other groups (eg OpenPGP members) who would like to see CMS less tied to
X.509 certs for everything it does.

What MESS does is add a few trivial extensions to the current CMS stuff to
support these additional formats, it's just the additional key identifiers I
mentioned in a previous message plus a few other bits and pieces. If people
wanted either new key identifiers or recipient info types, and provided there
was a reasonable justification for them (for example "x zillion PGP users need
to have this" is a good one), it could be added to the MESS.

Peter.
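
The coordination problem described in the message, as an added Python example that is not part of the original e-mail: two independently chosen `[n]` alternatives encode to the same outer tag, so a decoder needs an agreed register to tell them apart, while the '...' only lets it skip what it does not recognise. The `ChoiceRegistry` class, the tag numbers, the owner labels and the sample bytes are assumptions made for illustration; `FooInfo` is the placeholder name used in the message.

```python
# Added illustration: names, tag numbers and sample bytes are constructed.

def read_tlv(buf):
    """Parse one DER TLV (low tag numbers, definite lengths only)."""
    if len(buf) < 2:
        raise ValueError("truncated TLV")
    ident = buf[0]
    tag_class, constructed, number = ident >> 6, bool(ident & 0x20), ident & 0x1F
    if number == 0x1F:
        raise ValueError("high tag numbers not handled in this sketch")
    length, off = buf[1], 2
    if length == 0x80:
        raise ValueError("indefinite length is not DER")
    if length & 0x80:
        n = length & 0x7F
        if len(buf) < 2 + n:
            raise ValueError("truncated length")
        length, off = int.from_bytes(buf[2:2 + n], "big"), 2 + n
    if len(buf) < off + length:
        raise ValueError("truncated value")
    return tag_class, constructed, number, buf[off:off + length]


class ChoiceRegistry:
    """Hypothetical register of context-tagged alternatives for an extensible CHOICE."""
    CONTEXT = 2  # ASN.1 context-specific tag class

    def __init__(self):
        self._by_tag = {}

    def register(self, number, name, owner):
        # Refuse a second claim on the same [n]: on the wire both would look identical.
        if number in self._by_tag:
            held = self._by_tag[number]
            raise ValueError(f"[{number}] already assigned to {held[0]} ({held[1]})")
        self._by_tag[number] = (name, owner)

    def classify(self, encoded):
        tag_class, _, number, value = read_tlv(encoded)
        if tag_class != self.CONTEXT or number not in self._by_tag:
            # What the '...' permits: an unrecognised alternative is reported, not mis-parsed.
            return ("unknown", number, value)
        return (self._by_tag[number][0], number, value)
```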