[Top] [All Lists]

Re: [smime] eContentType for detached signatures

2014-05-02 10:11:48
On May 2, 2014, at 8:01 AM, Russ Housley <housley(_at_)vigilsec(_dot_)com> 


Your last point is incorrect.  There have been many I-D signatures that are 
correct using id-ct-asciiTextWithCRLF.  There are software bugs, and they 
are being worked, but some of the signatures are valid.

Are you saying there will be significant negative operational impact of 
replacing those signatures with new ones? Given the "some" in that last 
sentence, I'm not sure I can imagine the problems.

New signatures need to be generated for the I-D where there was a 
canonicalization problem.  The ones that did not have a canonicalization 
problem do not need new signatures.

Quite true. We could have two different content types on the signatures, the 
old and the new. That seems silly, though, if no one is relying on the old 

--Paul Hoffman
smime mailing list