W3C home > Mailing lists > Public > xml-encryption@w3.org > January 2001

Re: Signing and Encryption

From: Joseph Ashwood <jashwood@arcot.com>
Date: Tue, 23 Jan 2001 11:13:30 -0800
Message-ID: <051401c08570$955faa80$2a0210ac@livermore>
To: <xml-encryption@w3.org>
----- Original Message -----
From: "Yongge Wang" <ywang@certicom.com>
> Now the problem is that when try to encrypt something, we should have a
> mechanism to check whehter
> the content has been signed somewhere else... Any suggestion on this?

We cannot strictly verify whether or not the content has been signed
somewhere else, if we encrypt data in place and invalidate all signatures,
so be it, cryptographically that is the correct behavior, encryption alters
the data, altering of data invalidates signatures. This is a commonly known
risk of detached signatures, we should leave it as is (in fact we must). The
attached signatures are a different matter, it needs to be verified that the
granularity of the encryption is such that if the data to be signed is
signed at a higher level the encryption needs to take place at the higher
level. The lower level case we don't need to concern ourselves with, we will
afterall be encrypting the signature along with it (provided it is
attached). It seems the main issue is the signature at a higher level than
the current, and whether or not we should consider encryption to be
tampering. I am not a business flow person, I am a cryptography person, so I
can't judge the business flow ramifications. Should we create an explicit
rule governing that if data is encrypted after signing, the data to be
encrypted must include the signature on that data?
Received on Tuesday, 23 January 2001 14:13:51 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:59 UTC