RE: Post-last-call status of the S/MIME examples draft
Some more input
5.9.eml
Jim Schaad: Fail
signatureAlgorithm of dsa not dsaWithSha1
11.3.bin
Jim Schaad: Pass
I think I should be able to work through all of sections 6, 8 & 9 by the
end of this week. I don't have anything external on my plate at the
moment.
jim
> -----Original Message-----
> From: owner-ietf-smime@xxxxxxxxxxxx
> [mailto:owner-ietf-smime@xxxxxxxxxxxx] On Behalf Of Paul Hoffman / IMC
> Sent: Friday, May 23, 2003 6:11 AM
> To: ietf-smime-examples@xxxxxxx; ietf-smime@xxxxxxx
> Subject: Post-last-call status of the S/MIME examples draft
>
>
>
> Greetings again. Here's my collected notes from the WG mailing list,
> the smime-examples mailing list, and off-list mail. I summarize at
> the end.
>
> ====================
>
> 4. Trivial Examples
>
> 4.1 ContentInfo with Data type, BER
> John Pawling: tested OK.
> Jim Schaad: tested OK.
>
> 4.2 ContentInfo with Data type, DER
> John Pawling: tested OK.
> Jim Schaad: tested OK.
>
> 5. Signed-data
> Jim Schaad pointed out that many examples had the
> signatureAlgorithm of 1.2.840.10040.4.1 (dsa) but it should instead
> be 1.2.840.10040.4.3 (dsaWithSha1).
> The general decision was that the examples should have dsaWithSha1.
> John Pawling and Sue Beauchamp at DigitalNet agreed to re-generate
> the examples.
>
> 5.1 Basic signed content, DSS
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: failed.
> signatureAlgorithm is dsa but should be dsaWithSha1
> Sue Beauchamp sent new example file.
>
> 5.2 Basic signed content, RSA
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: tested OK.
>
> 5.3 Basic signed content, detached content
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: failed.
> Contains Alice's RSA certificate
> No content hint unsigned attribute
> signatureAlgorithm is dsa but should be dsaWithSha1
> Sue Beauchamp sent new example file.
>
> 5.4 Fancier signed content
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Sue Beauchamp sent new example file.
>
> 5.5 All RSA signed message
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: tested OK.
>
> 5.6 Multiple signers
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: failed.
> signatureAlgorithm is dsa but should be dsaWithSha1
> Sue Beauchamp sent new example file.
>
> 5.7 Signing using SKI
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: failed.
> signatureAlgorithm is dsa but should be dsaWithSha1
> Sue Beauchamp sent new example file.
>
> 5.8 S/MIME multipart/signed message
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
>
> 5.9 S/MIME application/pkcs7-mime signed message
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
>
> 5.10 SignedData With Attributes
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
> Jim Schaad: failed.
> Change "unknown OID" to "unknown OID (1.2.5555)"
> Content Hint should have an OID of 1.2.840.113549.1.7.1
> Content Identifier attribute absent
> Contains Security Label attribute
> Contains encrypt key preference attribute
> Contains ML Expansion History attribute
> Contains Equivalent Label attribute
>
> 5.11 SignedData with Certificates Only
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
>
> 6. Enveloped-data
>
> 6.1 Basic encrypted content, TripleDES and DH
> John Pawling: tested OK.
>
> 6.2 Basic encrypted content, TripleDES and RSA
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
>
> 6.3 Basic encrypted content, RC2/40 and RSA
> Blake Ramsdell: this is actually a 128-bit key.
> Jeff Jacoby: confirmed Blake's assertion.
> Paul Hoffman: thinks we could just change the title of the example.
> John Pawling: tested OK.
> Blake Ramsdell: tested OK.
>
> 6.4 Encrypted content, two recipients, no shared keying material
> John Pawling: tested OK but noted unsuccessful Invalid tag for
> privateKeyInfo for second login.
>
> 6.5 Encrypted content, two recipients, shared keying material
> John Pawling: could not test due to bug in his code.
>
> 6.6 Encrypted content, TripleDES and DH, previously-distributed keys
> John Pawling: tested OK.
>
> 6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys
> John Pawling: tested OK.
>
> 6.8 S/MIME application/pkcs7-mime encrypted message
> John Pawling: tested OK.
>
> 6.9 EnvelopedData with All Recipient Types
> John Pawling: tested OK.
>
> 6.10 EnvelopedData with KARI RC2 Encryption
> John Pawling: tested OK.
>
> 6.11 EnvelopedData with KEK 3DES Encryption
> John Pawling: tested OK.
>
> 7. Digested-data
> Blake Ramsdell: tested OK.
>
> 8. Encrypted-data
>
> 8.1 Simple EncryptedData
> Blake Ramsdell: tested OK.
>
> 8.2 EncryptedData with unprotected attributes
>
> 9. Authenticated-data
> There are still no examples in this section.
>
> 10. Key Wrapping
> John Pawling: tested OK.
>
> 10.1 Wrapping RC2
> John Pawling: tested OK.
>
> 10.2 Wrapping TripleDES
> John Pawling: tested OK.
>
> 11. ESS Examples
>
> 11.1 ReceiptRequest
> John Pawling: test failed, has sent new example file.
>
> 11.2 Receipt
> John Pawling: test failed, has sent new example file.
>
> 11.3 eSSSecurityLabel
> John Pawling: tested OK.
>
> 11.4 EquivalentLabels
> John Pawling: tested OK.
>
> 11.5 mlExpansionHistory
> John Pawling: tested OK.
>
> 11.6 SigningCertificate
> John Pawling: tested OK.
>
> ====================
>
> Everything has been tested by at least one person *except* "8.2
> EncryptedData with unprotected attributes". If no one tests this, we
> will probably get rid of it. Can anyone whose software handles
> EncryptedData please test example 8.2 and let me and/or the list know
> the results?
>
> All examples that had test failures have been re-submitted to me by
> the DigitalNet folks *except* 5.10, which Jim Schaad had a lot of
> problems with. Could someone generate a new example of 5.10? It would
> be valuable to have it in the document.
>
> --Paul Hoffman, Director
> --Internet Mail Consortium
>
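
The signatureAlgorithm failures reported in this thread (dsa, 1.2.840.10040.4.1, where dsaWithSha1, 1.2.840.10040.4.3, is expected) can be checked mechanically. The Python below is an added example, not code from this message or from the examples draft; the function names and sample bytes are constructed here, and it assumes the DER AlgorithmIdentifier has already been extracted from SignerInfo.signatureAlgorithm.

```python
ID_DSA = "1.2.840.10040.4.1"            # dsa, OID as cited in the thread
ID_DSA_WITH_SHA1 = "1.2.840.10040.4.3"  # dsaWithSha1, OID as cited in the thread

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the DER TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:end], end

def decode_oid(value):
    """Decode the content octets of an OBJECT IDENTIFIER into dotted form."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, acc = [], 0
    for b in value:                      # base-128 arcs, high bit marks continuation
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    first = arcs[0]                      # first two arcs are packed as 40*X + Y
    head = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(map(str, head + arcs[1:]))

def check_signature_algorithm(alg_id_der):
    """Classify a DER AlgorithmIdentifier taken from SignerInfo.signatureAlgorithm."""
    tag, body, _ = read_tlv(alg_id_der, 0)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid_bytes, _ = read_tlv(body, 0)
    if tag != 0x06:
        raise ValueError("first element must be an OBJECT IDENTIFIER")
    oid = decode_oid(oid_bytes)
    if oid == ID_DSA:
        return oid, "fail: dsa used where dsaWithSha1 is expected"
    return oid, "ok" if oid == ID_DSA_WITH_SHA1 else "other algorithm"

# Constructed sample inputs (not taken from the draft's example files).
SAMPLE_DSA = bytes.fromhex("300906072a8648ce380401")
SAMPLE_DSA_SHA1 = bytes.fromhex("300906072a8648ce380403")
```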