Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute
draft-schaad-smime-algorithm-attribute-05

I have two issues with this document, but they are not large enough to form a Discuss. Nevertheless, I hope the authros will find time to address them.

---

The use of the passive voice in the first sentence of the Abstract is
disconcerting!

There is also some missing context!

The second sentence is pretty hard to parse.

Why not write:

   This document defines a new attribute that allows for protection of
   the digest and signature algorithm structures in an authenticated 
   data or a signer info structure used in the Cryptographic Message
   Syntax (CMS).  When the new attribute is used, the algorithm
   definition information is included in the integrity protection 
   process.

The introduction would benefit from a similar (but more verbose) fix.

---

I think it is conventional to include a reference to the ASN.1 spec
that defines the language you are using. Presumably X.208 (1988) and
X.209 (1988) could be added as references.

INTRODUCTION, paragraph 4:
>               Signer Info Algorithm Protection Attribute
>
>    A new attribute is defined that allows for protection of the digest
>    and signature algorithm structures in an authenticated data or a
>    signer info structure.  Using the attribute includes the algorithm
>    definition information in the integrity protection process.

  It's be good if the title and abstract had some context that this
  stuff is about CMS...

Can the section on comparing fields in the verification process (2nd paragraph of section 3) be made more precise? Currently, it says "It is not required that a field which is absent in one case and present in another case  be compared as equivalent". Does that mean it's allowed to compare those as equivalent? Or was the intent that they MUST NOT be equivalent?