"Dieter:
It simply needs to be a unique identifier of the signed content. This
allows the originator of the original message to locate the message when
the receipt arrives.
Russ
At 04:02 PM 11/28/2002 +0100, Dieter Bratko wrote:
Hello,
Implementing the ESS Signed Receipt service I would like to tell the
following question regarding the role of the message originator:
According to RFC2634 the signedContentIdentifier field should contain
user-specific identification information (such as a user name or public
keying material identification information). When creating a receipt the
signedContentIdentifier is copied from the receiptRequest to the receipt:
Receipt ::= SEQUENCE {
version ESSVersion,
contentType ContentType,
signedContentIdentifier ContentIdentifier,
originatorSignatureValue OCTET STRING }
Is my interpretation right that the user-specific identification information
implicitly contained in the signedContentIdentifier -- since it has to be
the same for any receiptRequest attribute of any SignerInfo containing a
receiptRequest attribute -- refers to the (one and only) message originator
(sender), but the originatorSignatureValue field holds the signature value
from the SignerInfo just processed (which not necessarily has to be the
signerInfo of the originator); and when creating the receipt it does not
mind which SignerInfo it is based on (the validator must be able to validate
receipts based on any SignerInfo contained in the original SignedData)?
Regards,
Dieter Bratko
---------
Dieter Bratko, <mailto:Dieter(_dot_)Bratko(_at_)iaik(_dot_)at>
Institute for Applied Information Processing and Communications (IAIK)
Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria,
http://jce.iaik.tugraz.at/