Russ,
Sometimes I wonder if this will ever end - the endless updates to documents
as we find things that seem to be lacking. Oh well.....
I find myself wanting to identify a key using the password recipient info
type in an enveloped data structure. Specifcally I am sending a enveloped
data structure between a server and a client system. They do not yet have
certificates setup so that there is no way to use a public/private key pair.
They however do have an identifier/passphase setup between them. It would
be convient if one could place the identifier in the PasswordRecipientInfo
structure so that all of the data is together rather than looking in many
different places for the infomration needed.
I would like to change the structure to
PasswordRecipientInfo ::= SEQUENCE {
version CMSVersion -- {v0, v1}
kekid [1] KEKIdentifier OPTIONAL, -- if present version = 1
keyDerivationAlgorithm [0] KeyyDerivationAlgorithmIdentifier OPTIONAL,
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
encryptedKey EncryptedKey
}
Jim