[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CMS attributes question
Some specification that make use of CMS mandate support for
additional attributes. These attributes are vital in the application
environment. I know that S/MIME requires support for some, and
recommends support for a few others. I think that time stamps are in
a similar situation.
At 04:31 AM 3/19/2009, Julien Stern wrote:
thank you for your answer.
Isn't it dangerous to ignore a _signed_ attribute ?
In the case of an attribute such as ESSCertID or ESSCertIDV2 (RFC
2634 ou RFC 5035), an implementation ignoring the attribute can give
inconsistent results versus a implementation not ignoring the result
(e.g. the signature is valid vs the signature has been forged).
Also, when you are writing the these attributes are ignored, do you
mean that they MUST be ignored or that they MAY be ignored? E.g. if
my implementation fails upon receiving a signature with an unknown
signed attribute, would you consider this non-standard? Or is this
behavior up to the implementor?
Russ Housley a écrit :
Unrecognized attributes are ignored. RFC 3852 requires support for
the content type and message digest attributes, but all others can
be ignored if they are not recognized.
At 01:40 PM 3/18/2009, Julien Stern wrote:
We have a question related to CMS that was raised during an ETSI
session around the CAdES standard:
we were wondering whether the behavior of an implementation
encountering an unknown attribute was defined. One line of
thinking is that an _unsigned_ attribute can be ignored by an
implementation, but that the signature validation should fail if
an unknown _signed_ attribute is encountered.
Is this behavior somehow defined in CMS (I did not see it, but I
might have missed it)?
Otherwise, what do you think? What does your implementation do
when it encounters an unknown signed attribute?