Russ,
I have a few comments on the latest version of the CMS draft published
1. Section 2, Last paragraph, Sentence 4: I think that "However, signed
attributes within the signed-data content type and authenticated attributes
within the authenticated-data content type require DER encoding." should
read "However, signed attributes within the signed-data content type
and authenticated attributes within the authenticated-data content type are
the only places where DER encoding is required."
2. ASN Module Errors
"cms.asn", line 176 (CryptographicMessageSyntax): A0256W: 'DigestAlgorithm'
is referenced, but is not defined.
Need to change DigestAlgorithm to DigestAlgorithmIdentifier in
AuthenticatedData
3. The algorithm OIDs defined and used in section 12 are not included in the
ASN module.
4. Section 5, First paragraph after the bullets. The text has not been
updated to reflect the SKI addition to the signer info object.
5. Same as above: "that uniquely identify the certificate containing the
public key" Should read "that uniquely identifies the certificate..."
6. Section 5.1: The last two paragraphs really belong as part of section
5.2 as they are discussing EncapsulatedContentInfo. This is especially true
given that it is referred to from places like section 7.
7. Section 5.1: Text on version needs to be expanded to deal with SKI.
Must be 3 if any SignerInfo version is 3.
8. Section 9. nit-pick -- authenticatedAttributes is misspelt in the ASN for
AuthenticatedData (but it is consistently misspelt).
9. Section 10.2.6 -- I don't like the first sentence. How about "The
UserKeyingMaterial type gives a syntax for user keying material (UKM)."
10. Section 12.3.1, paragraph 3. I would like to change the first sentence
to "A CMS Implementation should support mixed key-encryption and
content-encryption algorithms."
11. Section 12.3.3 - Please insert the following paragraph in this section
" A CMS implementation should support mixed key-encryption and content-
encryption algorithms. For example, a 128-bit RC2 content-encryption
key may be wrapped with 168-bit Triple-DES key-encryption key.
Similarly, a 40-bit RC2 content-encryption key may be wrapped with
128-bit RC2 key-encryption key.
"
12. Ditto 11 for section 12.6
13. Security Considerations, paragraph 7 - Typo with wises for wishes