I have discussed this issue with Russ Housley and have decided to bring it to
the public concern. Russ have proposed to deal depending on a particular
algorithm. I, in contrast, think that this issue is abstract and is not related
to any particular algorithm.
Could you please suggest how to deal with the missing algorithm parameters of
signatureAlgorithm inside SignerInfo type of SignedData?
I have found a message signed by an elliptic curve algorithm where signature
algorithm parameters of signatureAlgorithm inside SignerInfo where empty, and
the elliptic curve algorithm didn’t work without the parameters. If I take the
parameters from SubjectPublicKeyAlgorithm of signer’s certificate (sid
SignerIdentifier), then the signature verification was successful.
1. Is it allowed to take algorithm parameters from signer’s certificate if
they are omitted in signatureAlgorithm of SignerInfo, or I should treat such a
signature as invalid?
2. If the parameters are both present and different, should I treat the
signature as invalid or one parameter should overwrite another?
Should we cover this case in a next revision of RFC3369?
Thank you in advance, and Happy New Year.