The "MIC-Info:" encapsulated header field, used only when asymmetric key management is employed for at least one recipient of a message, carries three arguments, separated by commas. The first argument identifies the algorithm under which the accompanying MIC is computed. The second argument identifies the algorithm under which the accompanying MIC is signed. The third argument represents a MIC signed with an originator's private key.
For the case of ENCRYPTED PEM messages, the signed MIC is, in turn, symmetrically encrypted using the same DEK, algorithm, mode and cryptographic parameters as are used to encrypt the message's encapsulated text. This measure prevents unauthorized recipients from determining whether an intercepted message corresponds to a predetermined plaintext value.
Appropriate MIC algorithms and identifiers, signature algorithms and identifiers, and signed MIC formats are defined in RFC 1423.
A "MIC-Info:" field will occur after a sequence of fields beginning with a "Originator-ID-Asymmetric:" or "Originator-Certificate:" field and followed by any associated "Issuer-Certificate:" fields. A "MIC-Info:" field applies to all subsequent recipients for whom asymmetric key management is used, until and unless overridden by a subsequent "Originator-ID-Asymmetric:" or "Originator-Certificate:" and corresponding "MIC-Info:".