RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 5652, "Cryptographic Message Syntax (CMS)", September 2009

Source of RFC: smime (sec)

Errata ID: 2026
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Alfred Hoenes
Date Reported: 2010-01-28
Held for Document Update by: Tim Polk

Section 5.3, pg. 15 says:

[[  around the page break from page 14 to page 15: ]]

      digestAlgorithm identifies the message digest algorithm, and any
      associated parameters, used by the signer.  The message digest is
      computed on either the content being signed or the content
<< page break >>
      together with the signed attributes using the process described in
      Section 5.4.  The message digest algorithm SHOULD be among those
|     listed in the digestAlgorithms field of the associated SignerData.
                                                             ^^^^^^^^^^
      Implementations MAY fail to validate signatures that use a digest
      algorithm that is not included in the SignedData digestAlgorithms
      set.

It should say:

      digestAlgorithm identifies the message digest algorithm, and any
      associated parameters, used by the signer.  The message digest is
      computed on either the content being signed or the content
      together with the signed attributes using the process described in
      Section 5.4.  The message digest algorithm SHOULD be among those
|     listed in the digestAlgorithms field of the associated SignedData.
      Implementations MAY fail to validate signatures that use a digest
      algorithm that is not included in the SignedData digestAlgorithms
      set.

Notes:

Rationale:
There's no such ASN.1 type/object named "SignerData" in relevant
specifications. Text should refer to "SignedData" instead.
This is an undetected legacy flaw inherited literally from RFC 2630,
RFC 3369, and RFC 3852.

Report New Errata