RE: Compressed data type for S/MIME

From: pgut001(_at_)cs(_dot_)aucKland(_dot_)ac(_dot_)nz (Peter Gutmann)

 [... quoting Gunther Schadow]

This is all said for encryption. For signatures it may be better not
to compress so as to have an immediately readable cleartext to store
with the signature. But hell, isn't S/MIME hiding the text behind a
blob of DER anyway? (I hate S/MIME for this)

 [...]

regards
-Gunther



Nope, S/MIME signs the text and then blobs it.

CMS Section 5.4:

  "Specifically, the initial input [to the message digest calculation]
   is the ... eContent OCTET STRING to which the signing process is
   applied.  Only the octets comprising the value of the eContent
   OCTET STRING are input to the message digest algorithm, not the
   tag or length octets."

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Compressed data type for S/MIME, (continued) RE: Compressed data type for S/MIME, Darren Harter RE: Compressed data type for S/MIME, Paul Hoffman / IMC RE: Compressed data type for S/MIME, Graham Klyne RE: Compressed data type for S/MIME, Linn, John RE: Compressed data type for S/MIME, Salz, Rich RE: Compressed data type for S/MIME, Pawling, John RE: Compressed data type for S/MIME, David P. Kemp RE: Compressed data type for S/MIME, Peter Gutmann RE: Compressed data type for S/MIME, Peter Gutmann RE: Compressed data type for S/MIME, Darren Harter RE: Compressed data type for S/MIME, David P. Kemp <=