Okay the oid in AuthEnvelopedData EncryptedContentInfo
contentEncryptionAlgorithm field is all encompassing.
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Russ
Housley
Sent: Tuesday, February 13, 2007 12:56 PM
To: turners(_at_)ieca(_dot_)com
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt
Sean:
Two comments/questions:
Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?
No. Authenticated encryption provides both. Please see
draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt to see two examples.
Sec 2.1: Since the mac description says a digest is not used
should we
say in the authAttrs description that the message digest
attribute must
not be included if authenticated attributes are included
(9.1 requires
message digest if authenticated attributes are used)?
Yes. That is a good improvement.
Russ