ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Comments on RFC2633bis

2002-05-22 05:55:26
from [William Ottaway] [Permanent Link] 

Hi Blake,

I have provided some comments on the X400wrap draft which relate to text
that is aligned with RFC 2633 and have therefore been asked to raise these
points with you.

1) Section 2.5, last paragraph. I understand where you are coming from but
the majority of S/MIME client users will not understand what the values in a
signed attribute mean, let alone which ones are listed in 2633, and probably
don't care. My general feeling is don't show the user this information. This
may have some impact legally (e.g. you can't sue me because I didn't know I
was signing/sending that). This is really a local issue. Perhaps rather than
stating this as a 'SHOULD' maybe a comment that it is advised
implementations support this feature, which can be turned on/off.

2) Section 3.3, 3.4.2 and 3.6. In the steps on constructing the different
types of message you don't mention applying a transfer encoding. This is
mentioned in the steps in section 3.4.3.2. I suggest that Step 3 in 3.3 and
3.4.2 and step 2 in 3.6 are changed to :-

"Transfer encoding is applied to the CMS object and it is inserted into an
application/pkcs7-mime MIME entity."



While I'm at it we had a discussion on the s/mime list back in Feb/Mar 2001
on another matter that raised its head whilst reviewing the X.400 drafts.
This was related to the 'certs only' message. This accumulated in me
suggesting the following text for section 3.6 (Thu, 1 Mar 2001
09:10:33 -0000).

"3.6 Creating a Certificate Management Message

The certificate management message or MIME entity is used to transport
certificates and/or CRLs, such as in response to a registration request.

   Step 1. The certificates and/or CRLs are made available to the CMS
generating
           process which creates a CMS object of type signedData. The
signedData
           encapContentInfo eContent field MUST be absent and signerInfos
field
           MUST be empty.

   Step 2. The CMS signedData object is enclosed in an
application/pkcs7-mime MIME entity

The smime-type parameter for a certificate management message is
"cert-management".
The file extension for this type of message is ".p7c"."

Of course step 2 would now be "Transfer encoding is applied to the CMS
object and it is inserted into an application/pkcs7-mime MIME entity."

Your reply (Thu, 1 Mar 2001 09:50:25 -0800) was "Sounds good -- we'll
rewrite it at some point."

Bill

____________________________________________________
 William Ottaway BSc Hons CEng MBCS,
 Woodward B009,
 QinetiQ                      Tel: +44 (0) 1684 894079
 Malvern Technology Centre,   Fax: +44 (0) 1684 896660
 St. Andrews Road,            email: 
w(_dot_)ottaway(_at_)eris(_dot_)QinetiQ(_dot_)com
 Malvern,
 Worcs,
 WR14 3PS

 All opinions are my own.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Comments on RFC2633bis, William Ottaway <=
Previous by Date:  Re: Protecting fields via message/rfc822 and merging issues, Housley, Russ
Next by Date:  RE: Protecting fields via message/rfc822 and merging issues, Bonatti, Chris
Previous by Thread:  Proposed Charter Update for S/MIME, Housley, Russ
Next by Thread:  RFC 3114 on Implementing Company Classification Policy, RFC Editor
Indexes:  [Date] [Thread] [Top] [All Lists]