Re: [smime] SignatureType Attribute OID

You may be correct, but the OID for this attribute was assigned.  We know the 
authors did some implementation, so it would be nice to hear what was actually 
done.

Russ


On Oct 18, 2013, at 11:03 AM, Jim Schaad wrote:

> I made the assumption that the attribute is actually identified by id-sti
> instead of id-aa-signtureType.  
>
> It was done the other way in a draft document.   I guess we would need to
> query the authors if it is wrong.
>
> Jim
>
>
> > -----Original Message-----
> > From: Russ Housley [mailto:housley(_at_)vigilsec(_dot_)com]
> > Sent: Friday, October 18, 2013 7:03 AM
> > To: Jim Schaad
> > Cc: 'IETF SMIME'
> > Subject: Re: [smime] SignatureType Attribute OID
> >
> > I'm not sure.  RFC 3183 says:
> >
> >   An S/MIME signed attribute is used to indicate the type of signature.
> >   This should be used in conjunction with the naming conventions
> >   specified in the previous section.  When an S/MIME signed message
> >   containing the signature type attribute is received it triggers the
> >   software to verify that the correct naming convention has been used.
> >
> >   The ASN.1 [4] notation of this attribute is: -
> >
> >      SignatureType ::= SEQUENCE OF OBJECT IDENTIFIER
> >
> > It seems to me that the specification fails to also say that the signature
> type
> > attribute is identified by
> >
> > > > id-aa-signatureType        OBJECT IDENTIFIER ::= { id-aa 28 }
> > Russ
> >
> >
> > On Oct 17, 2013, at 6:15 PM, Jim Schaad wrote:
> >
> > > Mistype -
> > >
> > > RFC 3183 seems to be where it started from - but is now using a
> different
> > > marker.  However, it seems to have been overloaded in a strange way.  I
> > > think this may be a fault in the way the RFC progressed.
> > >
> > > Jim
> > >
> > >
> > > > -----Original Message-----
> > > > From: smime-bounces(_at_)ietf(_dot_)org 
> > > > [mailto:smime-bounces(_at_)ietf(_dot_)org] On
> > > > Behalf Of Russ Housley
> > > > Sent: Thursday, October 17, 2013 2:54 PM
> > > > To: IETF SMIME
> > > > Subject: [smime] SignatureType Attribute OID
> > > >
> > > > The S/MIME arc contains an assignment for this OID.
> > > >
> > > > id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
> > > >         us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 }
> > > >
> > > > id-aa   OBJECT IDENTIFIER ::= { id-smime  2 }  -- attributes
> > > >
> > > > id-aa-signatureType        OBJECT IDENTIFIER ::= { id-aa 28 }
> > > >
> > > > I cannot find an RFC that makes use of this OID.  Does anyone know
> > where
> > > it
> > > > it used?  It seems to be related to the Domain Security stuff in RFC
> 3183,
> > > but
> > > > it is not used in that document.
> > > >
> > > > If no one can point me to a place where this OID is used, I will mark
> it
> > > > "reserved and obsolete".
> > > >
> > > > Russ

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime