- From: tommy lindberg <lindberg_tommy@hotmail.com>
- Date: Fri, 09 Jul 2004 09:33:50 +0000
- To: www-xkms@w3.org
RegisterResult and RecoverResult may both contain signatures over encrypted data, however the order of these operations is not explicitly stated in the spec. Given the PrivateKey schema fragment, I'm inclined to draw the conclusion that only encrypt-then-sign is required. Is this the intention and if so does this warrant a clarifying statement to that effect? Speculation: I believe the (un-encrypted) RSAKeyPair is deliberatly omitted from PrivateKey so as to *allow* implementations to mitigate the risk of disclosure of sensitive stuff through, say, the use of special purpose cryptographic hardware that, apart from their primary purpose, also can be programmed to extract the private key components from the surface syntax of an RSAKeyPair element. I imagine that this design *could* stand in the way of supporting sign-then-encrypt in XKMS - assuming that generating/verifying an enveloped signature is performed over a schema valid document, which is the only way I have explored. Regards Tommy [1] http://www.w3.org/TR/2002/REC-xmlenc-decrypt-20021210 _________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Received on Friday, 9 July 2004 05:34:21 UTC