At 9:31 AM +0100 3/19/09, Julien Stern wrote:
Isn't it dangerous to ignore a _signed_ attribute ?
No. The fact that the signer wanted the data to be protected in transport
doesn't mean that it is inherently important to the recipient. The decision to
sign an attribute is usually made by the software developer (and could come
down to "well, why not?"), not the sender.
Also, when you are writing the these attributes are ignored, do you mean that
they MUST be ignored or that they MAY be ignored? E.g. if my implementation
fails upon receiving a signature with an unknown signed attribute, would you
consider this non-standard? Or is this behavior up to the implementor?
The latter. Remember, we can't say what it really means to "understand" an
attribute.