Russ,

Thank you for your thoughtful responses to my comments. I agree with all of
your responses and counter-proposals except for the following:

I stated: "7) Section 6.2.4, recommend changing PasswordRecipientInfo
version value to 1. This would cause the EnvelopedData version number to be
set to 2 if the PasswordRecipientInfo was present. This would assist with
debugging and error reporting."

You responded: "Please raise this on a separate thread. This is a comment
on draft-ietf-smime-password, not CMS. Right now, draft-ietf-smime-password
says to use version 0.
We can change the version setting algorithm...."

A few months ago, I proposed that the PasswordRecipientInfo version value
should be changed in draft-ietf-smime-password. My proposal met with
resistance. I propose that the Section 6.1, EnvelopedData version setting
algorithm should be changed as follows:

[*** NEW ***] version is the syntax version number. The
appropriate value depends on originatorInfo, RecipientInfo, and
unprotectedAttrs. The version MUST be assigned as follows:

   IF (originatorInfo is present) OR (unprotectedAttrs is present)
   THEN
      IF (any version 2 attribute certificates are present)
      THEN version is 3
      ELSE version is 2
   ELSE
      IF (any RecipientInfo structures are a version other than 0) OR
         (any RecipientInfo structures are pwri CHOICE)
      THEN version is 2
      ELSE version is 0

===========================================
John Pawling, John(_dot_)Pawling(_at_)GetronicsGov(_dot_)com
Getronics Government Solutions, LLC
===========================================
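
The version-setting rule proposed in the message above, as an added example that is not part of the original message or of any CMS implementation. The class and function names, the string labels for the RecipientInfo CHOICE, and the sample messages are assumptions constructed for illustration; `check_declared_version` shows the kind of consistency check a decoder could use for error reporting.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class RecipientInfo:
    choice: str   # hypothetical label for the CHOICE arm, e.g. "ktri" or "pwri"
    version: int  # version field carried inside the RecipientInfo structure


@dataclass
class EnvelopedData:
    recipient_infos: List[RecipientInfo] = field(default_factory=list)
    originator_info_present: bool = False
    unprotected_attrs_present: bool = False
    has_v2_attr_certs: bool = False  # any version 2 attribute certificates


def enveloped_data_version(ed: EnvelopedData) -> int:
    """Apply the proposed Section 6.1 rule, branch for branch."""
    if ed.originator_info_present or ed.unprotected_attrs_present:
        return 3 if ed.has_v2_attr_certs else 2
    # A pwri recipient forces version 2 even though its own version is 0.
    if any(ri.version != 0 or ri.choice == "pwri" for ri in ed.recipient_infos):
        return 2
    return 0


def check_declared_version(declared: int, ed: EnvelopedData) -> Optional[str]:
    """Return an error string when the encoded version disagrees with the rule."""
    expected = enveloped_data_version(ed)
    if declared != expected:
        kinds = sorted({ri.choice for ri in ed.recipient_infos})
        return (f"EnvelopedData version {declared} but content implies "
                f"{expected} (recipient kinds: {', '.join(kinds)})")
    return None


# Constructed sample messages.
KTRI_ONLY = EnvelopedData([RecipientInfo("ktri", 0)])
WITH_PWRI = EnvelopedData([RecipientInfo("ktri", 0), RecipientInfo("pwri", 0)])
WITH_ORIGINATOR = EnvelopedData([RecipientInfo("ktri", 0)],
                                originator_info_present=True,
                                has_v2_attr_certs=True)

if __name__ == "__main__":
    for name, ed in [("ktri only", KTRI_ONLY), ("with pwri", WITH_PWRI),
                     ("originatorInfo + v2 attr certs", WITH_ORIGINATOR)]:
        print(name, "->", enveloped_data_version(ed))
    print(check_declared_version(0, WITH_PWRI))
```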