Michel,
Not exactly, but close. The "encrypted body" referred to in step 4 is
the encryptedContent field of the encryptedContentInfo. However, I think
your comment still applies. I would suggest that the parenthetical phrase
in step 5 should be replaced with "(the entire EnvelopedData structure)".
Please contact me if you have further questions.
Chris Bonatti
-----------------------------------------------------------
| International Electronic Communication Analysts, Inc. |
| Christopher D. Bonatti Tel: 301-208-2349 |
| Principal Engineer Fax: 301-208-2379 |
-----------------------------------------------------------
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Musy
Michel-P28089
Sent: Monday, October 22, 2001 13:27
To: Housley, Russ; ietf-smime(_at_)imc(_dot_)org
Subject: RE: WG Last Call: x400transport and x400wrap
Request for Clarification:
The following steps describe how to build a triple wrapped message
with an X.400 content. Is the "encrypted body" only the
encryptedContentInfo?
This is my understanding.
If so, should Step 4 after the text "This is called the "encrypted body"."
specify that the enveloped data structure is built?
And shouldn't Step 5, instead of referencing "(the encrypted body)",
reference the envelope data structure?
Attached below are Step 4 and Step 5 as they appear in the document.
I understand that the "encrypted body" is not the whole envelope
data but the whole envelope data structure should be signed.
Please clarify if there is something that I misunderstood.
Michel
email: michel(_dot_)musy(_at_)motorola(_dot_)com
------------------- From x400wrap-04 -------------------------
Step 4. Encrypt the result of step 3 as a single block. The
EnvelopedData encryptedContentInfo contentType MUST be set to
id-signedData. This is called the "encrypted body".
Step 5. Using the same logic as in step 2 and 3 above, sign the result
of step 4 (the encrypted body) as a single block. The SignedData
encapContentInfo eContentType MUST be set to id-envelopedData. The outer
SignedData structure is encapsulated by a ContentInfo SEQUENCE with a
contentType of id-signedData.
-----Original Message-----
From: Housley, Russ [mailto:rhousley(_at_)rsasecurity(_dot_)com]
Sent: Monday, October 22, 2001 7:21 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: WG Last Call: x400transport and x400wrap
Dear WG Members:
We have been in WG Last Call on these two documents for quite some
time. The WG Last Call on x400wrap was originally scheduled to end on 14
September, and the WG Last Call for x400transport was originally scheduled
to end on 4 October. The authors believe that all comments have been
resolved in the current versions. I believe that it is appropriate to
progress these two documents at the same time.
Title : Transporting S/MIME Objects in X.400
Author(s) : P. Hoffman, C. Bonatti
Filename : draft-ietf-smime-x400transport-04.txt
Date : 19-Oct-01
Title : Securing X.400 Content with S/MIME
Author(s) : P. Hoffman, C. Bonatti, A. Eggen
Filename : draft-ietf-smime-x400wrap-04.txt
Date : 27-Aug-01
Please review them to confirm that requested changes have been
incorporated. Unless traffic on the mail list indicates otherwise, I will
send these to the Security Area Directors on Friday, 26 October. So, if
you have concerns, please make them known by Thursday.
Russ
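The distinction discussed in this thread, as an added example that is not from the draft or from any of the posters: it builds a toy EnvelopedData per step 4, extracts the encryptedContent field (the "encrypted body"), and compares a digest over that field alone with a digest over the entire EnvelopedData structure, which is what step 5 wraps as eContent. The function names, the stand-in recipientInfos value, the zero IV and the choice of SHA-256 are assumptions made for illustration; nothing is actually encrypted or signed.

```python
import hashlib

ID_SIGNED_DATA = bytes.fromhex("06092a864886f70d010702")     # 1.2.840.113549.1.7.2
ID_ENVELOPED_DATA = bytes.fromhex("06092a864886f70d010703")  # 1.2.840.113549.1.7.3

def tlv(tag, body):
    """Encode one DER element with a definite length."""
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw) + body

def children(value):
    """Split a constructed element's contents into (tag, encoding, value) triples."""
    out, off = [], 0
    while off < len(value):
        start, tag, n = off, value[off], value[off + 1]
        off += 2
        if n & 0x80:  # long form: low 7 bits give the count of length octets
            n, off = int.from_bytes(value[off:off + (n & 0x7F)], "big"), off + (n & 0x7F)
        if off + n > len(value):
            raise ValueError("truncated DER element")
        out.append((tag, value[start:off + n], value[off:off + n]))
        off += n
    return out

def enveloped_data(recipient, ciphertext):
    """Step 4: EnvelopedData with encryptedContentInfo contentType id-signedData."""
    recipient_infos = tlv(0x31, tlv(0x30, tlv(0x04, recipient)))  # stand-in, not a real RecipientInfo
    alg = tlv(0x30, bytes.fromhex("06082a864886f70d0307") + tlv(0x04, bytes(8)))  # des-ede3-cbc, zero IV
    eci = tlv(0x30, ID_SIGNED_DATA + alg + tlv(0x80, ciphertext))  # [0] IMPLICIT encryptedContent
    return tlv(0x30, tlv(0x02, b"\x00") + recipient_infos + eci)

def encrypted_body(env):
    """The "encrypted body" of step 4: the encryptedContent field only."""
    eci = children(children(env)[0][2])[2][2]  # version, recipientInfos, encryptedContentInfo
    ctype, _alg, content = children(eci)
    if ctype[1] != ID_SIGNED_DATA:
        raise ValueError("encryptedContentInfo contentType is not id-signedData")
    return content[2]

def outer_encap_content_info(env):
    """Step 5: eContentType id-envelopedData, eContent = the entire EnvelopedData."""
    return tlv(0x30, ID_ENVELOPED_DATA + tlv(0xA0, tlv(0x04, env)))

def digests(env):
    """SHA-256 over each candidate reading of what step 5 signs."""
    return {"body_only": hashlib.sha256(encrypted_body(env)).hexdigest(), "whole_structure": hashlib.sha256(env).hexdigest()}

# Constructed sample: identical ciphertext, different recipientInfos.
A, B = (enveloped_data(r, b"constructed ciphertext") for r in (b"constructed-recipient-A", b"constructed-recipient-B"))
```

For the two constructed envelopes, `digests(A)` and `digests(B)` agree on `body_only` and differ on `whole_structure`: a signature over the encryptedContent field alone would not cover recipientInfos or the content-encryption algorithm identifier, while one over the entire EnvelopedData does.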