RFC Errata
RFC 5752, "Multiple Signatures in Cryptographic Message Syntax (CMS)", January 2010
Source of RFC: smime (sec)
Errata ID: 2027
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2010-01-29
Held for Document Update by: Tim Polk
Date Held: 2010-03-21
Section 5, pg. 8 says:
This section describes recommended processing of signatures when
| there are more than one SignerInfo present in a message. This may be
due to either multiple SignerInfo objects being present in a single
| SignedData object or multiple SignerData objects embedded in each
other.
[...]
Order of operations:
1) Evaluate each SignerInfo object independently.
2) Combine the results of all SignerInfo objects at the same level
| (i.e., attached to the same SignerData object).
| 3) Combine the results of the nested SignerData objects. Note that
this should ignore the presence of other CMS objects between the
SignedData objects.
It should say:
This section describes recommended processing of signatures when
| there is more than one SignerInfo object present in a message. This
may be due to either multiple SignerInfo objects being present in a
| single SignedData object or multiple SignedData objects embedded in
each other.
[...]
Order of operations:
1) Evaluate each SignerInfo object independently.
2) Combine the results of all SignerInfo objects at the same level
| (i.e., attached to the same SignedData object).
| 3) Combine the results of the nested SignedData objects. Note that
this should ignore the presence of other CMS objects between the
SignedData objects.
Notes:
Rationale:
There's no such ASN.1 type/object "SignerData".
Based on the importance of referencing the correct type/object,
the correction to "SignedData" is classified as 'Technical'.
Also a clarification and fix is applied in the first sentence.