RFC 3852, "Cryptographic Message Syntax (CMS)", July 2004
Note: This RFC has been obsoleted by RFC 5652Source of RFC: smime (sec)
Errata ID: 1756
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2009-04-04
Verifier Name: Tim Polk
Date Verified: 2009-06-05
Section 10.1.2 says:
The SignatureAlgorithmIdentifier type identifies a signature algorithm. Examples include RSA, DSA, and ECDSA.
It should say:
The SignatureAlgorithmIdentifier type identifies a signature algorithm, and it can also identify a message digest alforithm. Examples include RSA, DSA, DSA with SHA-1, ECDSA, and ECDSA with SHA-256.
Some people have taken the original text to mean that compound signature algorithm identifiers should not be used. This is not the case. Section 12.2 of RFC 2630 (the grandfather of RFC 3852) clearly requires the implementation of id-dsa-with-sha1, which is a compound signature algorithm.