ietf-smime

Multi-level CMS Signature evaluation Rules: Document Location

2005-12-04 15:28:38

After having read the document by Bellovin and Rescorla, I agree with its
conclusion that the working group needs to provide guidance on how
evaluation of signatures needs to be done in the cases of 1) multiple
signatures at a single layer and 2) multiple signature layers.

I can think of four different documents that this can go into:

1) CMS Base specification
        Pro:
                - This is core functionality and it would be seen by all implementers of CMS
                - It would deal with ALL CMS objects

        Con:
                - The document is not currently open for changes
                - Depending on how it is written, it might be more open to changes in the future


2) New CMS document on multiple layers
        Pro:
                - Does not change any current documents
                - Could be written as a BCP and thus have the ability to make additional statements
                - Would deal with all CMS objects
                - Allows for discussion of different policies for evaluation

        Con:
                - It's a new document and would need to be referenced everywhere


3) S/MIME Message Specification
        Pro:
                - This is the draft that S/MIME implementers use and this is currently the main place that needs help
        
        Con:
                - It does not currently discuss any type of wrapping
                - It would not deal with AuthenticatedData wrapping


4) ESS
        Pro:
                - It already discusses the concepts of multiple layer wrapping
                - The document needs to be opened for dealing with ESSCertID

        Con:
                - It uses MIME layers in the current wrapping text
                - It would not deal with AuthenticatedData wrapping



My personal preference is to not tie the new evaluation logic to S/MIME but
to CMS.

Jim

