ietf-smime
[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-multisig-00.txt

2006-12-27 09:37:32

Denis:

You make some good points about the document, and I am sure that they will spur discussion. However, I want to talk about this part of your message:

This document is necessary so that draft-ietf-smime-cms-mult-sign-02.txt may be applicable.
The two documents should be merged.

Let me explain briefly :draft-ietf-smime-cms-mult-sign-02.txt does not provide any means so that, at the CMS level, an application can figure out that the same signer has placed two SignerInfo structures.
This new draft fills in the gap.

This is not accurate. In fact, for the transition that we are facing right now, from RSA with SHA-1 to RSA with SHA-256, the document does provide the means to determine that two SignerInfo structures are associated with the same signer. Yet, other transitions require more knowledge of the application, and the document warns about this situation.

S/MIME is not the only application that uses CMS. I think the documents should remain separate.

Russ