RE: Signing and Encryption

From: Philip Hallam-Baker <pbaker@verisign.com>
Date: Tue, 23 Jan 2001 09:01:05 -0800
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F40154C7CE@vhqpostal.verisign.com>
To: "'Yongge Wang'" <ywang@certicom.com>, xml-encryption@w3.org

I think the attack was probably brought up in the RSA meetings on PKCS.

The real problem with sign after encrypt was the scope of the signature,
which failed to include the key data, since fixed. There is no intrinsic
problem with the order of the processes; it is simply a matter of doing the
job right instead of wrong.

Note that encrypt after sign still requires the signature blob to be
encrypted to do the job properly.

Maybe what this is pointing to is that the model of separating signing and
encryption might not be as neat as people thought... We may need an element
<crypto> as container for all the signature and encryption data.


	Phill 
Received on Tuesday, 23 January 2001 12:01:29 GMT
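
The signature-scope point in the message above, as an added example that is not part of the original post: a constructed envelope is signed after encryption, once with the signature covering only the ciphertext and once covering the key data as well, and the key data is then altered before the recipient opens it. Assumptions: HMAC stands in for the sender's public-key signature, a toy SHA-256 keystream stands in for the cipher and the key wrap, and the envelope layout and all names are hypothetical.

```python
import hashlib
import hmac

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter-mode keystream; stand-in for a real cipher / key wrap.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def sign(sender_key: bytes, parts) -> bytes:
    # HMAC stands in for the sender's public-key signature (assumption).
    mac = hmac.new(sender_key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)  # length-prefix each part
    return mac.digest()

def scope(env: dict, cover_key_data: bool):
    # What the signature covers: ciphertext only, or key data plus ciphertext.
    return [env["key_data"], env["ciphertext"]] if cover_key_data else [env["ciphertext"]]

def seal(msg, content_key, recipient_key, sender_key, cover_key_data):
    env = {"key_data": xor_stream(recipient_key, content_key),  # wrapped content key
           "ciphertext": xor_stream(content_key, msg)}
    env["sig"] = sign(sender_key, scope(env, cover_key_data))
    return env

def open_envelope(env, recipient_key, sender_key, cover_key_data):
    if not hmac.compare_digest(sign(sender_key, scope(env, cover_key_data)), env["sig"]):
        raise ValueError("signature does not verify")
    content_key = xor_stream(recipient_key, env["key_data"])
    return xor_stream(content_key, env["ciphertext"])

def demo():
    # Constructed sample values.
    msg, ck = b"transfer 100 to account 42", b"C" * 32
    rk, sk = b"R" * 32, b"S" * 32
    results = {}
    for cover in (False, True):
        env = seal(msg, ck, rk, sk, cover)
        # Key data altered after signing (one bit changed in transit).
        env["key_data"] = bytes([env["key_data"][0] ^ 1]) + env["key_data"][1:]
        try:
            results[cover] = open_envelope(env, rk, sk, cover)
        except ValueError:
            results[cover] = None  # rejected before any decryption
    return msg, results

if __name__ == "__main__":
    print(demo())
```

With the narrow scope the signature still verifies and the recipient decrypts to bytes the sender never signed; with the key data inside the scope the envelope is rejected before decryption.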