Technical Summary
This document updates the Cryptographic Message Syntax as specified
in RFC 5652 to ensure that algorithm identifiers in signed-data
and authenticated-data content types are adequately protected.
It does so by making two changes: requiring that the originator
use the same hash algorithm to compute the digest of the message
content and the digest of signed attributes, and recommends that
the originator use the CMSAlgorithmProtection attribute [RFC6211].
Working Group Summary
There is consensus for this document in the LAMPS WG.
Document Quality
Nothing of note arose during the review of the document. This updated CMS guidance is not yet being implemented.
Personnel
Tim Hollebeek is the document shepherd.
Roman Danyliw is the responsible area director.