Comments in line.
Jim Schaad wrote:
Consider the following message S1(S2(M)).
1. S1 contains a two different SignerInfos. SignerInfo #1 cannot be
validated and contains an MLA Expansion history element. SignerInfo #2
can be validated. Does the MLA stop processing of the message? This is
the case if there were two different MLA Expansion history elements, but
this case is not explicity addressed.
Hmm ... yes.
I thought it had to check for attributes especially ESSSecurityLabel
prior to passing it on. I think it ought to fail. S2 could be just be
gobledegook and you don't want to pass that on.
2. S1 validates and contains an MLA Expansion history element. S2
fails validation. Since the MLA could in theory just evaluate S1 and
not look at S2, is it considered to be illeagle behavior (i.e. MUST stop
processing) to pass on this message?