ietf-smime

RE: Post-last-call status of the S/MIME examples draft

2003-05-26 19:51:22

Some more input

5.9.eml
        Jim Schaad:  Fail
                signatureAlgorithm of dsa not dsaWithSha1

11.3.bin
        Jim Schaad:  Pass

I think I should be able to work through all of sections 6, 8 & 9 by the
end of this week.  I don't have anything external on my plate at the
moment.

jim

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org [mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Paul Hoffman / IMC
Sent: Friday, May 23, 2003 6:11 AM
To: ietf-smime-examples(_at_)imc(_dot_)org; ietf-smime(_at_)imc(_dot_)org
Subject: Post-last-call status of the S/MIME examples draft



Greetings again. Here's my collected notes from the WG mailing list, 
the smime-examples mailing list, and off-list mail. I summarize at 
the end.

====================

4. Trivial Examples

4.1 ContentInfo with Data type, BER
   John Pawling: tested OK.
   Jim Schaad: tested OK.

4.2 ContentInfo with Data type, DER
   John Pawling: tested OK.
   Jim Schaad: tested OK.

5.  Signed-data
   Jim Schaad pointed out that many examples had the
     signatureAlgorithm of 1.2.840.10040.4.1 (dsa) but it should instead
     be 1.2.840.10040.4.3 (dsaWithSha1).
   The general decision was that the examples should have dsaWithSha1.
   John Pawling and Sue Beauchamp at DigitalNet agreed to re-generate
     the examples.

5.1 Basic signed content, DSS
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: failed.
     signatureAlgorithm is dsa but should be dsaWithSha1
   Sue Beauchamp sent new example file.

5.2 Basic signed content, RSA
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: tested OK.

5.3 Basic signed content, detached content
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: failed.
      Contains Alice's RSA certificate
      No content hint unsigned attribute
     signatureAlgorithm is dsa but should be dsaWithSha1
   Sue Beauchamp sent new example file.

5.4 Fancier signed content
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Sue Beauchamp sent new example file.

5.5 All RSA signed message
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: tested OK.

5.6 Multiple signers
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: failed.
     signatureAlgorithm is dsa but should be dsaWithSha1
   Sue Beauchamp sent new example file.

5.7 Signing using SKI
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: failed.
     signatureAlgorithm is dsa but should be dsaWithSha1
   Sue Beauchamp sent new example file.

5.8 S/MIME multipart/signed message
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.

5.9 S/MIME application/pkcs7-mime signed message
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.

5.10 SignedData With Attributes
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.
   Jim Schaad: failed.
      Change "unknown OID" to "unknown OID (1.2.5555)"
      Content Hint should have an OID of 1.2.840.113549.1.7.1
      Content Identifier attribute absent
      Contains Security Label attribute
      Contains encrypt key preference attribute
      Contains ML Expansion History attribute
      Contains Equivalent Label attribute

5.11 SignedData with Certificates Only
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.

6.  Enveloped-data

6.1 Basic encrypted content, TripleDES and DH
   John Pawling: tested OK.

6.2 Basic encrypted content, TripleDES and RSA
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.

6.3 Basic encrypted content, RC2/40 and RSA
   Blake Ramsdell: this is actually a 128-bit key.
   Jeff Jacoby: confirmed Blake's assertion.
   Paul Hoffman: thinks we could just change the title of the example.
   John Pawling: tested OK.
   Blake Ramsdell: tested OK.

6.4 Encrypted content, two recipients, no shared keying material
   John Pawling: tested OK but noted unsuccessful Invalid tag for
     privateKeyInfo for second login.

6.5 Encrypted content, two recipients, shared keying material
   John Pawling: could not test due to bug in his code.

6.6 Encrypted content, TripleDES and DH, previously-distributed keys
   John Pawling: tested OK.

6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys
   John Pawling: tested OK.

6.8 S/MIME application/pkcs7-mime encrypted message
   John Pawling: tested OK.

6.9 EnvelopedData with All Recipient Types
   John Pawling: tested OK.

6.10 EnvelopedData with KARI RC2 Encryption
   John Pawling: tested OK.

6.11 EnvelopedData with KEK 3DES Encryption
   John Pawling: tested OK.

7. Digested-data
   Blake Ramsdell: tested OK.

8. Encrypted-data

8.1 Simple EncryptedData
   Blake Ramsdell: tested OK.

8.2 EncryptedData with unprotected attributes

9. Authenticated-data
   There are still no examples in this section.

10. Key Wrapping
   John Pawling: tested OK.

10.1 Wrapping RC2
   John Pawling: tested OK.

10.2 Wrapping TripleDES
   John Pawling: tested OK.

11. ESS Examples

11.1 ReceiptRequest
   John Pawling: test failed, has sent new example file.

11.2 Receipt
   John Pawling: test failed, has sent new example file.

11.3 eSSSecurityLabel
   John Pawling: tested OK.

11.4 EquivalentLabels
   John Pawling: tested OK.

11.5 mlExpansionHistory
   John Pawling: tested OK.

11.6 SigningCertificate
   John Pawling: tested OK.

====================

Everything has been tested by at least one person *except* "8.2 
EncryptedData with unprotected attributes". If no one tests this, we 
will probably get rid of it. Can anyone whose software handles 
EncryptedData please test example 8.2 and let me and/or the list know 
the results?

All examples that had test failures have been re-submitted to me by 
the DigitalNet folks *except* 5.10, which Jim Schaad had a lot of 
problems with. Could someone generate a new example of 5.10? It would 
be valuable to have it in the document.

--Paul Hoffman, Director
--Internet Mail Consortium
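
Added example (not part of the original messages or of the examples draft): a check for the signatureAlgorithm mismatch reported above for 5.1, 5.3, 5.6, 5.7 and 5.9. It walks one DER-encoded SignerInfo and reports the OID of the AlgorithmIdentifier that precedes the signature value. The function names and the sample bytes are constructed for illustration; extracting the SignerInfo from the enclosing SignedData is assumed to have been done already.

```python
DSA = "1.2.840.10040.4.1"            # dsa: carried by the failing examples
DSA_WITH_SHA1 = "1.2.840.10040.4.3"  # dsaWithSha1: what the thread expects
def read_tlv(buf, pos=0):
    """Parse one definite-length TLV; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long-form length octets
        n = length & 0x7F
        if n == 0:                           # BER indefinite form
            raise ValueError("indefinite length not handled")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Turn OBJECT IDENTIFIER content octets into dotted notation."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                  # final octet of this arc
            arcs.append(value)
            value = 0
    if not arcs or body[-1] & 0x80:
        raise ValueError("malformed OID")
    head = divmod(arcs[0], 40) if arcs[0] < 80 else (2, arcs[0] - 80)
    return ".".join(str(a) for a in (*head, *arcs[1:]))

def signature_algorithm_oid(signer_info):
    """OID of the AlgorithmIdentifier just before the signature value."""
    tag, body, _ = read_tlv(signer_info)
    if tag != 0x30:
        raise ValueError("SignerInfo must be a SEQUENCE")
    pos, prev = 0, (None, b"")
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag == 0x04 and prev[0] == 0x30:  # signature OCTET STRING
            oid_tag, oid_body, _ = read_tlv(prev[1])
            if oid_tag == 0x06:
                return decode_oid(oid_body)
        prev = (tag, value)
    raise ValueError("signatureAlgorithm not found")

def check(signer_info):
    oid = signature_algorithm_oid(signer_info)
    return oid, {DSA: "fail", DSA_WITH_SHA1: "pass"}.get(oid, "other")
# Constructed SignerInfo (SKI signer id, SHA-1 digest, 2-byte dummy signature).
_HEAD = bytes.fromhex("301e0201038001aa300706052b0e03021a300906072a8648ce3804")
SAMPLE_DSA = _HEAD + bytes.fromhex("01" "04020000")
SAMPLE_FIXED = _HEAD + bytes.fromhex("03" "04020000")
```

The walker accepts definite-length encodings only, so a BER file that uses indefinite lengths has to be re-encoded before it is checked this way.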


