W3C home > Mailing lists > Public > xml-encryption@w3.org > July 2001

Re: Decryption Transform

From: Hiroshi Maruyama <MARUYAMA@jp.ibm.com>
Date: Wed, 4 Jul 2001 09:05:45 +0900
To: John Cowan <cowan@mercury.ccil.org>
Cc: "Scherling, Mark" <mscherling@rsasecurity.com>, "'Joe Meadows'" <joe.meadows@boeing.com>, "Joseph M. Reagle Jr." <reagle@w3.org>, John Cowan <cowan@mercury.ccil.org>, John Cowan <jcowan@reutershealth.com>, "Takeshi Imamura" <IMAMU@jp.ibm.com>, xml-encryption@w3.org
Message-ID: <OFB7CA9913.9A39D1C5-ON49256A7F.000045B8@LocalDomain>

John,

> But what we are talking about here is *partly* encrypted documents.  Why
> should one want to sign the whole of such a thing, when it is just as
easy
> to sign only the part one can read?

Because sometimes it is required to cryptographically bind an encrypted
data with
plaintext data.  A good example is SET, where a consumer signs an purchase
order
consisting of (1) a list of ordered items in plaintext and (2) an encrypted
creditcard number.  The recipient of the order, an Internet shop, does not
need to know the creditcard number as long as they can validate it
by sending the encrypted data to a creditcard company.  However, the
shop MUST verify the signature without decrypting the creditcard number.

--
Hiroshi Maruyama
Manager, Internet Technology, Tokyo Research Laboratory
+81-46-215-4576
maruyama@jp.ibm.com
Received on Tuesday, 3 July 2001 20:05:58 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:00 UTC