Chung,
In both cases, these are signed attributes. The IETF S/MIME working group
decided that it was important that the encapsulated content type and the
information identifying the signer's certificate(s) be cryptographically
bound to the digital signature of the RFC 2630 SignedData object. RFC 2634
provides a detailed discussion regarding the purpose of the
signingCertificate signed attribute.
===========================================
John Pawling, John(_dot_)Pawling(_at_)GetronicsGov(_dot_)com
Getronics Government Solutions, LLC
===========================================
-----Original Message-----
From: Chung, KwonSung [mailto:kschung(_at_)bcqre(_dot_)com]
Sent: Tuesday, January 09, 2001 12:42 AM
To: ietf-smime
Subject: S/MIME signed attributes
Hello All,
In S/MIME signed message at MS Outlook and Netscape Messanger, the
signed message has sevral signed attributes.
I have two questions related these signed attributes.
1. "contentType" Signed Attribute
In "encapContentInfo", the type of content is determined.
"contentType" represents the same information about content type. Why is
the same information included again?
2. "signingCertificate" Signed Attribute
In "certificates", certificate which was used to sign message is
included. But "sigingCertificate" has the same data - the certificate
used to sign message- as value. Why?
This attribute is not used by MS Outlook and Netscape Messanger. I don't
know what the usage of this attribute is.
Thank you.
Chung