RFC Errata
RFC 5755, "An Internet Attribute Certificate Profile for Authorization", January 2010
Source of RFC: pkix (sec)See Also: RFC 5755 w/ inline errata
Errata ID: 3731
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Leonardo Cotta de Almeida
Date Reported: 2013-09-18
Verifier Name: Barry Leiba
Date Verified: 2014-01-14
Section 7.1 says:
Within EnvelopedData, the encapsulatedContentInfo identifies the content type carried within the ciphertext. In this case, the contentType field of encapsulatedContentInfo MUST contain id-ct- attrCertEncAttrs, which has the following value:
It should say:
Within EnvelopedData, the encryptedContentInfo identifies the content type carried within the ciphertext. In this case, the contentType field of encryptedContentInfo MUST contain id-ct- attrCertEncAttrs, which has the following value:
Notes:
The EnvelopedData structure has no "EncapsulatedContentInfo". It has a "EncryptedContentInfo":
EnvelopedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
CMS objects that carry a "EncapsulatedContentInfo" are of type "SignedData":
SignedData ::= SEQUENCE {
version CMSVersion,
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
signerInfos SignerInfos }
Source: RFC 5652 (unchanged at least since RFC 3852).