> I agree that signature needs to be encrypted, but I'm not sure why entire > signed data also needs to be encrypted. Encrypting any portion of signed At least the <SignedInfo> element should be encrypted. that contains the the hash value, which makes the Dictionary attack possible. > data will make signature invalid, but to recover the signature, we > introduce EncryptedReference element. The element can be used as follows > (I wrote before that the element may appear within ds:SignaturePropery > element, but I changed my mind ...).Received on Friday, 26 January 2001 10:03:06 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT