From: pgut001(_at_)cs(_dot_)aucKland(_dot_)ac(_dot_)nz (Peter Gutmann)
[... quoting Gunther Schadow]
This is all said for encryption. For signatures it may be better not
to compress so as to have an immediately readable cleartext to store
with the signature. But hell, isn't S/MIME hiding the text behind a
blob of DER anyway? (I hate S/MIME for this)
[...]
regards
-Gunther
Nope, S/MIME signs the text and then blobs it.
CMS Section 5.4:
"Specifically, the initial input [to the message digest calculation]
is the ... eContent OCTET STRING to which the signing process is
applied. Only the octets comprising the value of the eContent
OCTET STRING are input to the message digest algorithm, not the
tag or length octets."