Unrecognized attributes are ignored. RFC 3852 requires support for
the content type and message digest attributes, but all others can be
ignored if they are not recognized.
Russ
At 01:40 PM 3/18/2009, Julien Stern wrote:
Hi list,
We have a question related to CMS that was raised during an ETSI
session around the CAdES standard:
we were wondering whether the behavior of an implementation
encountering an unknown attribute was defined. One line of thinking
is that an _unsigned_ attribute can be ignored by an implementation,
but that the signature validation should fail if an unknown _signed_
attribute is encountered.
Is this behavior somehow defined in CMS (I did not see it, but I
might have missed it)?
Otherwise, what do you think? What does your implementation do when
it encounters an unknown signed attribute?
Regards,
--
Julien