RE: Signed Receipts using Outlook Express

["Pawling, John" <John.Pawling@xxxxxxxxxxxxxxxx>]

Vamsi,

The sample signed receipt in the Examples-06 document is correctly ASN.1
encoded as specified in RFC 2634 (ESS).

RFC 2630 (CMS) defines EncapsulatedContentInfo as follows:
  EncapsulatedContentInfo ::= SEQUENCE {
      eContentType ContentType,
      eContent [0] EXPLICIT OCTET STRING OPTIONAL }
 
RFC 2634 (ESS), Section 2.4, bullet 9 states: "The ASN.1 DER encoded Receipt
content MUST be directly encoded within the signedData encapContentInfo
eContent OCTET STRING defined in [CMS]."

In March 2000, we performed signed receipt interop testing with Microsoft.
We discovered that they were incorrectly ASN.1 encoding signed receipts.
Their original signed receipt was composed of a signedData encapsulating a
Receipt content, but the eContent OCTET STRING tag and length fields were
missing.  After they fixed their code to correctly ASN.1 encode the receipt
structure inside of the signedData encapContentInfo eContent OCTET STRING,
then we were able to successfully use the S/MIME Freeware Library to ASN.1
decode and verify their signed receipts.

===========================================
John Pawling, John.Pawling@xxxxxxxxxxxxxxxx
Getronics Government Solutions, LLC
===========================================


-----Original Message-----
From: Vamsi Motukuru [mailto:vamsi@xxxxxxxxx]
Sent: Friday, April 06, 2001 3:16 PM
To: ietf-smime-examples@xxxxxxx
Subject: Signed Receipts using Outlook Express




While looking at the S/MIME ESS signed-receipt message generated using 
Outlook Express 5.0 on Windows 2000, I noticed that in the
' EncapsulatedContentInfo'  field of the CMS 'Signed-Data' ASN.1 structure,
the
    eContent [0] EXPLICIT OCTET STRING
is instead encoded as a
    eContent [0] EXPLICIT SEQUENCE

Is this a known issue or am I mistaken ?

Thanks in advance,

Vamsi Motukuru