W3C home > Mailing lists > Public > xml-encryption@w3.org > August 2000

RE: encryption in XML & in SMIME

From: Don Davis <dtd@world.std.com>
Date: Tue, 29 Aug 2000 19:55:34 -0500
Message-Id: <l0311070bb5d205523b26@[208.192.101.88]>
To: Ed Simon <ed.simon@entrust.com>
Cc: xml-encryption@w3.org
> Just had a thought as to how one can get the same
> effect of sign/wrap/sign without actually having
> to sign twice.  ... Rather than signing twice,
> two digests [for plaintext and for ciphertext with
> names, respectively] are covered by one signature.

mr. simon,

   i believe it works.  i can't be sure, because
i'm uncertain about the xml-sig syntax.  but the
idea of signing both digests at once is very nice,
and i wish i had thought of it years ago. in fact,
i suggest that you should publish it.

> if this is an XML Signature security issue, then
> it needs to be discussed on the XML Signature list.

   but this isn't an xml-sig security issue at all;
it's a problem that arises only when xml-encryption
is combined with xml-sig.  since the xml-enc standard
will follow the xml-sig standard, it makes sense to
address the issue in the xml-enc draft.  indeed, the
xml-sig draft _cannot_ discuss how signatures should
interact with encryption, since xml-sig can't refer
to a non-existent xml-enc draft.

				- don davis, boston




-
Received on Tuesday, 29 August 2000 19:56:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:17 GMT