John:
1) Section 4.1, 2nd para: Please change the following to be consistent with
Table 1:
OLD: "CMS implementations MUST include Triple-DES wrapping of Triple-DES
content-encryption keys and RC2 wrapping of RC2 content-encryption keys."
NEW: "CMS implementations MUST include Triple-DES wrapping of Triple-DES
content-encryption keys and SHOULD include RC2 wrapping of RC2
content-encryption keys."
Agree. Done.
2) Recommend the following change in your recommended text for section 4.4
as follows:
OLD: Key derivation algorithms identifiers are...
NEW: Key derivation algorithm identifiers are...
Agree. Done.
3) Recommend the following change in your recommended text for section 4.4
as follows:
OLD: The content-encryption keys encrypted with password-derived
key-encryption keys are located in the EnvelopedData RecipientInfos
PasswordRecipientInfo encryptedKey field. The message-authentication keys
encrypted with password-derived key-encryption keys are located in the
AuthenticatedData RecipientInfos PasswordRecipientInfo encryptedKey field.
NEW: The content-encryption key encrypted with the password-derived
key-encryption key is located in the EnvelopedData RecipientInfos
PasswordRecipientInfo encryptedKey field. The message-authentication key
encrypted with the password-derived key-encryption key is located in the
AuthenticatedData RecipientInfos PasswordRecipientInfo encryptedKey field.
I was trying to be parallel. The plural is used in other places. See, for
example, section 4.2.
Russ