On Fri, 7 Jul 2000 tgindin@us.ibm.com wrote: > In short, normalizing prior to digesting AVOIDS allowing > inconsequential changes to change the digest. If I have misunderstood the > point of the section cited, I'm sure someone will correct me. Your scenario is correct as far as it goes. But consider a signed document that contains an element or attribute named "autorisation_de_découvert" ("credit limit"). A forged version of the document that contained the name "autorization_de_de'couvert" (where ' = COMBINING ACUTE) would pass a normalization + signature check. However, the document processor might well fail to recognize it as having the semantics of "credit limit" and treat it as unknown and to be ignored. Bad news: the forger now appears to have unlimited credit! -- John Cowan cowan@ccil.org C'est la` pourtant que se livre le sens du dire, de ce que, s'y conjuguant le nyania qui bruit des sexes en compagnie, il supplee a ce qu'entre eux, de rapport nyait pas. -- Jacques Lacan, "L'Etourdit"Received on Friday, 7 July 2000 21:52:48 UTC
This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:34 UTC