Multiple Signatures in Cryptographic Message Syntax (CMS)
Note: This ballot was opened for revision 05 and is now closed.
(Jari Arkko) Yes
The document says: If both SignerInfo objects are not present, the relying party can easily determine that another SignerInfo has been removed. My english may not be perfect, but doesn't "both X are not present" mean that there are no Xs at all in the message? Consider writing this as "If either SignerInfo object is missing, the relaying party ..."
(Russ Housley) Yes
(Tim Polk) Yes
(Ron Bonica) No Objection
(Ross Callon) No Objection
(Lisa Dusseault) No Objection
(Lars Eggert) No Objection
(Pasi Eronen) No Objection
I found this document quite difficult to understand -- I'd suggest doing some editorial work especially in Section 3 (the last bullet before the example), Section 4.6, and Section 5. Section 7: for future reference, it wouldn't hurt to say how the OIDs have been assigned (and this information shouldn't be removed by the RFC editor). In OIDs, both spellings "pkcs9(9)" and "pkcs-9(9)" are used. [PROFILE] should point to RFC5280, unless the reference to 3280 is intentional (if it is, a short explanation would be useful). Section 3: the last two lines should probably have one more level of indentation?