W3C home > Mailing lists > Public > www-xkms@w3.org > July 2004

Order of sign and encrypt

From: tommy lindberg <lindberg_tommy@hotmail.com>
Date: Fri, 09 Jul 2004 09:33:50 +0000
To: www-xkms@w3.org
Message-ID: <BAY12-F23DHJMTD8FIF0000cb1a@hotmail.com>


RegisterResult and RecoverResult may both contain signatures over encrypted
data, however the order of these operations is not explicitly stated in the 
spec.

Given the PrivateKey schema fragment, I'm inclined to draw the conclusion 
that
only encrypt-then-sign is required.  Is this the intention and if so does 
this warrant
a clarifying statement to that effect?

Speculation:

I believe the (un-encrypted) RSAKeyPair is deliberatly omitted from 
PrivateKey so
as to *allow* implementations to mitigate the risk of disclosure of 
sensitive stuff
through, say, the use of special purpose cryptographic hardware that, apart 
from their
primary purpose, also can be programmed to extract the private key 
components from the
surface syntax of an RSAKeyPair element.  I imagine that this design *could* 
stand in the way
of supporting sign-then-encrypt in XKMS  - assuming that 
generating/verifying an enveloped
signature is performed over a schema valid document, which is the only way I 
have explored.


Regards
Tommy

[1] http://www.w3.org/TR/2002/REC-xmlenc-decrypt-20021210

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail
Received on Friday, 9 July 2004 05:34:21 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:22 GMT