1. Given that the question has been raised on at least one IETF mailing
list, it might be advisable to state that the public key algorithm for rsa
in a certificate is the same for v1.5 and v2.0.
Agree. I updated the Introduction to include:
CMS supports variety of architectures for certificate-based key management,
particularly the one defined by the PKIX working group [PROFILE]. PKCS #1
Version 1.5 and PKCS #1 Version 2.0 require the same RSA public key
information. Thus, a certified RSA public key may be used with either RSA
key transport technique.
2. You have consistantly gotten the RFC number for the v2.0 draft
incorrect. It is 2437 not 2347.
Ooops. I now reference RFC 2437.