Hi Jim An observation on the CMS draft is that you currently have the keyatt-eps-kek defined as a SignedData structure.
The standard CMS signature creation and verification APIs expect to have the ContentInfo structure as the output\input data stream as defined by S/MIME defines. Net result when using these standard APIs is we end up manually removing the ContentInfo structure on creation and adding it on verification when processing the keyatt-eps-kek attribute. While not strictly necessary, it would streamline the code path if we were to use ContentInfo as we can skip the manual adding\removal of the ContentInfo structure. Trevor
_______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
