ietf-smime

ESS changes from the WG Meeting

1998-12-14 09:57:09
Given the addition of SKI to SignerInfo, the following change should be made
in section 5.4 of ESS.

First paragraph after ASN is:

The first certificate identified in the sequence of certificate identifiers
MUST be the certificate used to verify the signature. The encoding of the
ESSCertID for this certificate SHOULD NOT include the issuerSerial because
the issuerAndSerialNumber is already present in the SignerInfo. The
certificate identified is used during the signature verification process. If
the hash of the certificate does not match the certificate used to verify
the signature, the signature MUST be considered invalid.

Paragraph should be:

The first certificate identified in the sequence of certificate identifiers
MUST be the certificate used to verify the signature.  The encoding of the
ESSCertID for this certificate SHOULD include the issuerSerial field.  If
other constraints ensure that issuerAndSerialNumber will be present in the
SignerInfo, ESSCertID MAY be omitted. The certificate identified is used
during the signature verification process. If the hash of the certificate
does not match the certificate used to verify the signature, the signature
MUST be considered invalid.



jim
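
Added example (not part of the original message or of the ESS draft): a sketch of the check the revised paragraph describes, where the first ESSCertID must name the certificate used to verify the signature and the issuerSerial field is compared when present. It assumes SHA-1 as the certificate hash; the Cert and ESSCertID containers, the function names and the sample byte strings are hypothetical stand-ins for real ASN.1 parsing.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple

IssuerSerial = Tuple[bytes, int]  # simplified stand-in: (issuer name bytes, serial)

@dataclass(frozen=True)
class Cert:              # hypothetical container for an already-parsed certificate
    der: bytes           # complete encoded certificate
    issuer: bytes
    serial: int

@dataclass(frozen=True)
class ESSCertID:
    cert_hash: bytes                              # hash over the whole certificate
    issuer_serial: Optional[IssuerSerial] = None  # optional field

def cert_id_for(cert: Cert, with_issuer_serial: bool = True) -> ESSCertID:
    digest = hashlib.sha1(cert.der).digest()      # SHA-1 is an assumption of this example
    return ESSCertID(digest, (cert.issuer, cert.serial) if with_issuer_serial else None)

def signing_cert_matches(cert_ids: Sequence[ESSCertID], verifying: Cert) -> bool:
    """True only if the FIRST identifier names the certificate used to verify."""
    if not cert_ids:                              # empty sequence: treated as invalid here
        return False
    first = cert_ids[0]
    actual = hashlib.sha1(verifying.der).digest()
    if not hmac.compare_digest(actual, first.cert_hash):
        return False                              # hash mismatch: signature invalid
    if first.issuer_serial is not None:           # compare only when the field is encoded
        return first.issuer_serial == (verifying.issuer, verifying.serial)
    return True

# Constructed sample data: byte strings standing in for real encoded certificates.
SIGNER = Cert(b"constructed-cert: CN=Alice, key=K1, issued by CA-A", b"CN=CA-A", 17)
# Same key and serial, different issuer: a substituted certificate for the same key.
SUBSTITUTE = Cert(b"constructed-cert: CN=Other, key=K1, issued by CA-B", b"CN=CA-B", 17)
CA = Cert(b"constructed-cert: CN=CA-A, key=K0, self-issued", b"CN=CA-A", 1)

if __name__ == "__main__":
    ids = [cert_id_for(SIGNER), cert_id_for(CA)]
    print("signer cert accepted:    ", signing_cert_matches(ids, SIGNER))
    print("substitute cert accepted:", signing_cert_matches(ids, SUBSTITUTE))
```

The substitute certificate carries the same key, so the signature value alone would still verify under it; the hash comparison against the first identifier is what rejects it.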

