Russ,
I would prefer to see Section 6.3, paragraph 1, as follows:
The content-encryption key for the desired content-encryption
algorithm is randomly generated. The data to be protected
is padded as described below, then the padded data is encrypted
using the content-encryption key. The encryption operation maps an
arbitrary string of octets (the data) to another string of octets
(the ciphertext) under control of a content-encryption key. The
encrypted data is included in the envelopedData encryptedContentInfo
encryptedContent OCTET STRING.
===========================================
John Pawling, John(_dot_)Pawling(_at_)GetronicsGov(_dot_)com
Getronics Government Solutions, LLC
===========================================