Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute
RFC 6211

Note: This ballot was opened for revision 05 and is now closed.

Lars Eggert No Objection

Comment (2011-01-17 for -)
INTRODUCTION, paragraph 4:
>               Signer Info Algorithm Protection Attribute
>
>    A new attribute is defined that allows for protection of the digest
>    and signature algorithm structures in an authenticated data or a
>    signer info structure.  Using the attribute includes the algorithm
>    definition information in the integrity protection process.

  It'd be good if the title and abstract had some context that this
  stuff is about CMS...

(Sean Turner; former steering group member) Yes

Yes ( for -)

(Adrian Farrel; former steering group member) No Objection

No Objection (2011-01-18 for -)
I have two issues with this document, but they are not large enough to form a Discuss. Nevertheless, I hope the authors will find time to address them.

---

The use of the passive voice in the first sentence of the Abstract is
disconcerting!

There is also some missing context!

The second sentence is pretty hard to parse.

Why not write:

   This document defines a new attribute that allows for protection of
   the digest and signature algorithm structures in an authenticated 
   data or a signer info structure used in the Cryptographic Message
   Syntax (CMS).  When the new attribute is used, the algorithm
   definition information is included in the integrity protection 
   process.

The introduction would benefit from a similar (but more verbose) fix.

---

I think it is conventional to include a reference to the ASN.1 spec
that defines the language you are using. Presumably X.208 (1988) and
X.209 (1988) could be added as references.

(Alexey Melnikov; former steering group member) No Objection

No Objection ( for -)

(Dan Romascanu; former steering group member) No Objection

No Objection ( for -)

(Gonzalo Camarillo; former steering group member) No Objection

No Objection ( for -)

(Peter Saint-Andre; former steering group member) No Objection

No Objection ( for -)

(Ralph Droms; former steering group member) No Objection

No Objection ( for -)

(Robert Sparks; former steering group member) No Objection

No Objection (2011-01-19 for -)
Can the section on comparing fields in the verification process (2nd paragraph of section 3) be made more precise? Currently, it says "It is not required that a field which is absent in one case and present in another case  be compared as equivalent". Does that mean it's allowed to compare those as equivalent? Or was the intent that they MUST NOT be equivalent?

(Ron Bonica; former steering group member) No Objection

No Objection ( for -)

(Russ Housley; former steering group member) (was Discuss) No Objection

No Objection ()

(Stewart Bryant; former steering group member) No Objection

No Objection ( for -)