If signing a document is akin to making an assertion about a document, I could perceive some value in keeping certain assertions made about a document private from third parties. I'm hard pressed to think of an example where storing those assertions with the document would be an absolute necessity however, so perhaps it's a non-issue. Cheers, Joe Meadows >Additionally there is should be no case where someone wants to encrypt the >signature, without encrypting the data that is signed. The signature only >asserts the validity of the information, if a portion of the data is >encrypted the underlying hash of the signature can be attacked (albeit with >very low probability of success). The result is that (from the attackers >perspective) it is far more important to know the data (any part of the >data) than to know the signature. > Joe >Received on Monday, 29 January 2001 16:38:43 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 27 May 2007 00:08:56 GMT