ietf-smime
[Top] [All Lists]

Use of attribute certificates in SignedData

2001-08-28 10:46:08
I have a question for the group concerning attribute certificates. 
 
Is there an accepted location to put an attribute certificate associated with 
the signer in the SignedData data structure?  I have a SignedData object and 
I?m considering putting an attribute certificate associated with the signer in 
the ?certificates? field of SignedData in addition to the PKC of the signer.  
 
Is that a ?philosophically correct? location?  I have some concern about 
standard decoders being able to successfully decode the SignedData structure if 
includes an attribute certificate.  Other options include burying the 
certificate in the encapsulated content or including it as a Signed or UnSigned 
attribute.
 
I?d appreciate any advice and or lessons learned that you can offer.  Thanks in 
advance.  
 
Chris Francis
<Prev in Thread] Current Thread [Next in Thread>