ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: I-D ACTION:draft-ietf-smime-certdist-02.txt

1998-12-11 08:34:13
from [Francois Rousseau] [Permanent Link] 
Jim,

I am not sure if you have any plan to change this for version 3 of CERTDIST
or if it was discussed in Orlando, but I just thought that the syntax for
the SMimeEncryptionCerts attribute in Section 3 should be more flexible and
not necessarily be bound for ever to SHA1. I however agree that SHA-1
should be the default digest algorithm at this point. Instead I suggest
that it could read as follows:

       SMimeEncryptionCerts ::= SEQUENCE OF SMimeEncryptionCert

       SMimeEncryptionCert ::= SEQUENCE {
            certHash         CertHash,
            capabilities     SMIMECapabilities
       }

       CertHash ::= SEQUENCE {
            digestAlgorithm  DigestAlgorithmIdentifier,
            digest           Digest
       }

       DigestAlgorithmIdentifier ::= AlgorithmIdentifier

       Digest ::= OCTET STRING -- hash of the entire certificate

Francois Rousseau
AEPOS Technologies
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: I-D ACTION:draft-ietf-smime-certdist-02.txt, Francois Rousseau <=
Previous by Date:  Comments on drafts., Andrew Farrell
Next by Date:  Re: Comments on drafts., Paul Hoffman / IMC
Previous by Thread:  Comments on drafts., Andrew Farrell
Next by Thread:  Comments of CMS-09 - section 6.3, Darren Harter
Indexes:  [Date] [Thread] [Top] [All Lists]