- From: Gregor Karlinger <gregor.karlinger@iaik.at>
- Date: Fri, 12 Mar 2004 16:52:09 +0100
- To: "w3c.xmldsig ML" <w3c-ietf-xmldsig@w3.org>
- Message-ID: <011d01c4084a$036aceb0$6400a8c0@GKARLINGER>
Sorry, forgot to post my answer to Anders' question to the list.

/Gregor

-----Original Message-----
From: Gregor Karlinger
Sent: Wednesday, 10 March 2004 18:15
To: Anders Rundgren
Subject: RE: XAdES - More secure than XML Dsig?

Anders,

> -----Original Message-----
> From: w3c-ietf-xmldsig-request@w3.org [mailto:w3c-ietf-xmldsig-request@w3.org] On behalf of Anders Rundgren
> Sent: Wednesday, 10 March 2004 14:37
> To: w3c-ietf-xmldsig@w3.org
> Subject: XAdES - More secure than XML Dsig?
>
>
> According to some users of XAdES, it is more secure
> as you also sign the hash of the signer's certificate in
> order to thwart changing this element.

The reason why XAdES provides a possibility to sign the signer certificate is that there are some CAs which generate more than a single certificate per private/public key pair. For instance, you can think of a certificate which you use for private matters, and another which you use for business matters. Both certificates contain the same public key.

In such a scenario it might be of interest for the relying party if you have used your private certificate or your public certificate, so you can sign the certificate as well.

However, I do not think that modelling the signer role by using different certs for the same key is a good practice. Rather the relying party should deduce this from the context, for instance from the data being signed (as you do it in the paper world as well), or from another signature attribute which XAdES provides (Signer Role).

/Gregor
Received on Friday, 12 March 2004 10:52:51 UTC