W3C home > Mailing lists > Public > w3c-xml-sig-ws@w3.org > April 1999

Re: Proposed Draft Chart and Officer Nominations

From: Phillip hallam-Baker <pbaker@verisign.com>
Date: Wed, 7 Apr 1999 09:26:26 -0700
Message-ID: <003701be8113$77e487e0$42060a0a@pbaker-pc2.verisign.com>
To: <rdbrown@globeset.com>, "'Joseph M. Reagle Jr. (W3C)'" <reagle@w3.org>, "'Signed-XML Workshop'" <w3c-xml-sig-ws@w3.org>
Cc: <xml-dsig@globeset.com>

>So, I suggest that we extend the mission statement of this activity beyond
>Signature and that we also provide for Authentication Codes (already
>considered in Digital Signature for XML Proposal) and Confidentiality
>envelopes (encryption).


I disagree, a signature is logically an attribute related to the document,
something which once created may be considered a part of the document+
attributes package.

Confidentiality is a service which may be achieved in many ways, 
including IPSEC and SSL. Non-repudiation is a service which can 
only be realistically provided at the message layer, that is the
piece which transport and network layer security really can't 
provide.


The only advantage to implementing message layer confidentiality 
services is if you need to relay messages through caches or other
relay devices (mail servers) and want to preserve the end to end 
properties. PKCS#7 more than adequately addresses that need.

        Phill
Received on Wednesday, 7 April 1999 12:26:11 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 11:28:03 EDT