RFC 5652, "Cryptographic Message Syntax (CMS)", September 2009Source of RFC: smime (sec)
Errata ID: 3867
Status: Held for Document Update
Publication Format(s) : TEXT
Reported By: Jos Breek
Date Reported: 2014-01-16
Held for Document Update by: Kathleen Moriarty
Date Held: 2015-03-24
Section 5.3 says:
digestAlgorithm identifies the message digest algorithm, and any associated parameters, used by the signer.
It should say:
digestAlgorithm identifies the message digest algorithm, and any associated parameters, used by the signer in the signature Generation Process.
The text stated that the message digest algorithm is "used by the signer". It is unclear for what purpose the message digest algorithm is used. This recommendation is editorial and was accepted.
Additional text provided was not accepted as there is no requirement that digest used on the body is the same as the digest used in the signature operation.
The following sentence was suggested (and rejected):
"The message digest algorithm shall be equal to the message
digest algorithm used in the signatureAlgorithm field."
With the explanation in the original errata report for this additional sentence as:
There are implementations that use the message digest algorithm specified in the messageDigest field instead of the message digest algorithm specified in the signatureAlgorithm.
Is the purpose of the messageDigest field to nest the hashing algorithm used in the signing process? If so, please use the corrected text to clarify the goal of the field.