
Re: Decryption Transform

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Wed, 4 Jul 2001 00:24:45 +0900
To: John Cowan <cowan@mercury.ccil.org>
Cc: "Joseph M. Reagle Jr." <reagle@w3.org>, John Cowan <jcowan@reutershealth.com>, "Hiroshi Maruyama" <MARUYAMA@jp.ibm.com>, xml-encryption@w3.org
Message-ID: <OFBDD531F8.D05F229A-ON49256A7E.00535C81@LocalDomain>


I understand what you say, but I feel that it's natural to distinguish a
signature over encrypted data from a signature over its clear text (i.e.,
signing encrypted data does not mean that you agree on its clear text) and
so I like Joseph's example.  Do you know any cases where both signatures
are regarded as the same?

Tokyo Research Laboratory
IBM Research

From: John Cowan <cowan@mercury.ccil.org> on 2001/07/03 11:17

Please respond to John Cowan <cowan@mercury.ccil.org>

To:   "Joseph M. Reagle Jr." <reagle@w3.org>
cc:   John Cowan <jcowan@reutershealth.com>, Takeshi
      Imamura/Japan/IBM@IBMJP, Hiroshi Maruyama/Japan/IBM@IBMJP,
Subject:  Re: Decryption Transform

Joseph M. Reagle Jr. scripsit:

> /+(Alice's signature over Bob's encrypted data does not mean she signs
> clear text equivalent; as Alice only "signs what she sees", she signs the
> encrypted data and nothing more.)+/

But now we are back where we started, with Alice taking the role of sucker,
signing what she doesn't understand.

I am arguing that the whole verify-decrypt-verify scenario is bad practice:
it comes about only if people sign encrypted material, *which they should
never do*.  We may need it nonetheless to compensate for pre-existing
bad practice.

John Cowan                                   cowan@ccil.org
One art/there is/no less/no more/All things/to do/with sparks/galore
     --Douglas Hofstadter
Received on Tuesday, 3 July 2001 11:24:57 UTC
