Format of CMS Enveloped Data

Originator Information

. . .

CMS Enveloped-Data Object

Encrypted Content Information

Certificates (optional)

Content Type

Algorithm ID

Recipient Info (optional)

CRLs (optional)

Set of Per-Recipient Info Values

Recipient Info (optional)

Encrypted Content (optional)

• Recipient info tells the key to use to decrypt

• One info package per recipient (or one per recipient group that shares a pre-placed symmetric key)

• Info comes before encrypted content, so that recipient UA may process enveloped data in one pass

Previous slide

Next slide

Back to first slide

View graphic version