W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2001

Re: Signing and Encryption

From: Joseph Ashwood <jashwood@arcot.com>
Date: Thu, 1 Feb 2001 13:43:33 -0800
Message-ID: <110001c08c9a$e7542ec0$2a0210ac@livermore>
To: <xml-encryption@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
----- Original Message -----
From: "Joseph M. Reagle Jr." <reagle@w3.org>
> what *must* be encrypted in a Signature when the
> content it signs is also encrypted: the Reference Digests (hashes over
> content being signed: yes), the SignatureValue (hash+key over SignedInfo:
> ?), or both?

Both. In even the most obscure signature algorithms the hash can be verified
by knowing the hash and the public key.
                        Joe
Received on Thursday, 1 February 2001 17:04:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:59 UTC