Just to be a little more clare abouit this. My response would be as
1. It is stated that the reciept must be DER encoded.
2. The directly statement is made with respect to the lack of a MIME layer
being inserted between the receipt content and the surrounding SignedData
ASN construct (i.e. the MIME layer is omitted unlike what is done in
wrapping a signed message in an encrypted message).
3. The OCTET wrapping or lack of is addressed by either PKCS#7 or CMS
drafts. It is present for CMS and omitted for PKCS#7.
Behalf Of Cameron Stillion
Sent: Friday, March 10, 2000 11:45 AM
Cc: 'phoffman(_at_)imc(_dot_)org'; Bryan Staats
Subject: ESS : Secure Receipt encoding within EncapsulatedContentInfo
... and now for something completely different:
According to the ESS RFC on page 16, step 9:
9. The ASN.1 DER encoded Receipt content MUST be directly encoded within
the signedData encapContentInfo eContent OCTET STRING defined in [CMS].
Should eContent be a DER-encoding of the receipt?
Should eContent be a DER-encoding of an OCTET STRING containing the
DER-encoding of the receipt?
The word "directly" seems to indicate that the former is the correct one.
Just tell me I'm not crazy.