Eric,
You wrote:
I don't believe that the version number matters here much. The
way I see it, a client that's smart enough to skip innapropriately
versioned Signer or RecipientInfos should be smart enough to
skip over a different CMS version number and see if it can
really read the message.
I disagree with this statement. I believe that programmers will implement
one of the following:
a) examine the value of the version number and reject (or skip over, if
applicable) fields with unrecognized syntaxes; or
b) ignore the version numbers and just try to decode the object.
I believe that we should write the specs so that vendors can develop code to
properly implement option a.
You wrote:
I tend to agree here. OTOH, if OriginatorInfo is present, then
it seems that the version number must be increased. Else what
good is the version number in the first place?
CMS already states that the envelopedData version must be 3 if
originatorInfo is present.
- John Pawling