[Top] [All Lists]

Re: Straw Poll: encoding of authenticated attributes in cms-auth-enveloped ID

2007-03-29 23:06:18

Peter Sylvester <Peter(_dot_)Sylvester(_at_)EdelWeb(_dot_)fr> writes:

I am not sure but why the AuthAttributes are there before the content?
Although a messagedigest is not part of the AuthAttributes, this means
that whene an AuthAttributes for SignedData or AuthenticatedData
requires reading the data, this gets difficult to use. I am thinking
for example a timestamp as attribute.

I've grumbled about that too.  It's an artefact of the way CMC handles
authenticated data, but it makes things really difficult for anything that
isn't CMC.  In particular it makes one-pass processing and streaming
implementations impossible, which was a specific design feature of the CMS