"Pawling, John" <John(_dot_)Pawling(_at_)GetronicsGov(_dot_)com> writes:
> RFC2630 CMS, section 12.2.2, specifies the use of the rsaEncryption object
> identifier (OID) in the signedData signerInfo signatureAlgorithm field when
> the RSA (PKCS #1 v1.5) algorithm is used as part of the signature generation
> process. cmsalg-02, Section 3.2, specifies the use of the
> md5WithRSAEncryption and sha1WithRSAEncryption OID (as appropriate) in the
> signedData signerInfo signatureAlgorithm field (instead of the
> id-rsaEncryption OID). The cmsalg-02 proposed use of these OIDs is
> consistent with their use in the RFC2459 PKIX Certificate/CRL Profile. The
> RFC2630 use of the id-rsaEncryption OID is inconsistent with RFC2459.
> Is this change going to cause backwards compatibility problems with legacy
> CMS implementations?
I strongly suspect it will. More to the point, what's the virtue of
this change?
-Ekr
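The interoperability question in the exchange above comes down to what a verifier does when it sees rsaEncryption (RFC 2630 style) versus sha1WithRSAEncryption or md5WithRSAEncryption (cmsalg-02 / RFC 2459 style) in a signerInfo's signatureAlgorithm. The following is an added example, not code from either poster or from any CMS implementation: it DER-encodes the AlgorithmIdentifier both ways, then shows a verifier-side normalizer that accepts either convention and resolves both to one (key algorithm, hash) pair, taking the hash from digestAlgorithm when signatureAlgorithm does not name one and rejecting the case where the two fields disagree. The OID values are the standard PKCS #1 and digest OIDs; the function names, the toy DER helpers and the sample pairs are constructed for this example.

```python
# Added example (not from the thread): normalize a signerInfo's
# signatureAlgorithm / digestAlgorithm pair across the RFC 2630 and
# cmsalg-02 OID conventions. Minimal DER helpers, no external libraries.

RSA_ENCRYPTION = "1.2.840.113549.1.1.1"   # id-rsaEncryption (PKCS #1)
MD5_WITH_RSA = "1.2.840.113549.1.1.4"     # md5WithRSAEncryption
SHA1_WITH_RSA = "1.2.840.113549.1.1.5"    # sha1WithRSAEncryption
ID_MD5 = "1.2.840.113549.2.5"             # md5 (digestAlgorithm)
ID_SHA1 = "1.3.14.3.2.26"                 # sha-1 (digestAlgorithm)

# (public-key algorithm, hash) for each signatureAlgorithm OID; None means the
# OID does not state a hash, so it must come from digestAlgorithm (RFC 2630 style).
SIGNATURE_OIDS = {
    RSA_ENCRYPTION: ("rsa", None),
    MD5_WITH_RSA: ("rsa", "md5"),
    SHA1_WITH_RSA: ("rsa", "sha1"),
}
DIGEST_OIDS = {ID_MD5: "md5", ID_SHA1: "sha1"}


def encode_oid(dotted):
    """DER-encode an OBJECT IDENTIFIER (tag 0x06) from dotted notation."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]          # base-128, most significant group first
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)


def encode_algorithm_identifier(dotted):
    """AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters NULL }."""
    inner = encode_oid(dotted) + b"\x05\x00"
    return bytes([0x30, len(inner)]) + inner


def decode_oid(der):
    """Decode a short-form DER OBJECT IDENTIFIER; returns (dotted, bytes consumed)."""
    if len(der) < 2 or der[0] != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    length = der[1]
    body = der[2:2 + length]
    if length == 0 or length >= 0x80 or len(body) != length:
        raise ValueError("bad OID length")
    arcs = [body[0] // 40, body[0] % 40] if body[0] < 80 else [2, body[0] - 80]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    if body[-1] & 0x80:
        raise ValueError("truncated OID arc")
    return ".".join(str(a) for a in arcs), 2 + length


def parse_algorithm_identifier(der):
    """Return the algorithm OID of a DER AlgorithmIdentifier; parameters ignored."""
    if len(der) < 2 or der[0] != 0x30 or der[1] >= 0x80 or len(der) != 2 + der[1]:
        raise ValueError("expected a short-form SEQUENCE")
    oid, _ = decode_oid(der[2:])
    return oid


def resolve_signer_algorithms(signature_alg_der, digest_alg_der):
    """Map (signatureAlgorithm, digestAlgorithm) to one (key algorithm, hash)
    tuple, accepting either OID convention and rejecting a signatureAlgorithm
    whose built-in hash disagrees with digestAlgorithm."""
    sig_oid = parse_algorithm_identifier(signature_alg_der)
    dig_oid = parse_algorithm_identifier(digest_alg_der)
    if sig_oid not in SIGNATURE_OIDS:
        raise ValueError(f"unsupported signatureAlgorithm {sig_oid}")
    if dig_oid not in DIGEST_OIDS:
        raise ValueError(f"unsupported digestAlgorithm {dig_oid}")
    key_alg, stated_hash = SIGNATURE_OIDS[sig_oid]
    digest_hash = DIGEST_OIDS[dig_oid]
    if stated_hash is not None and stated_hash != digest_hash:
        raise ValueError(f"signatureAlgorithm says {stated_hash}, "
                         f"digestAlgorithm says {digest_hash}")
    return key_alg, digest_hash


# Constructed sample pairs: the same SHA-1/RSA signer described both ways.
LEGACY_RFC2630 = (encode_algorithm_identifier(RSA_ENCRYPTION),
                  encode_algorithm_identifier(ID_SHA1))
CMSALG_02 = (encode_algorithm_identifier(SHA1_WITH_RSA),
             encode_algorithm_identifier(ID_SHA1))

if __name__ == "__main__":
    print(resolve_signer_algorithms(*LEGACY_RFC2630))  # ('rsa', 'sha1')
    print(resolve_signer_algorithms(*CMSALG_02))       # ('rsa', 'sha1')
```

The design point is that a verifier tolerant of both encodings loses nothing: the cmsalg-02 OID carries the hash redundantly, so the only new failure mode is a signatureAlgorithm whose hash contradicts digestAlgorithm, which the example treats as an error rather than silently picking one.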