RE: DigestMethod and DigestData

Frederick said,

> The XML Encryption document specifies that DigestMethod and DigestData
> may be specified within the CipherData element to provide integrity.
>  http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/#sec-CipherData
> 
> I assume the same result could be achieved by not including these
> elements, but using an XML Signature on the content to be encrypted,
> and then encrypting both the content and the signature. This would
> have the additional cost of maintaining the keys for signing and
> implementing XML signatures.

Correct. And, the spec does not prohibit this (DigestData is optional).

> It would have the benefit of providing stronger integrity than a
> simple hash.

The hash by itself does not provide protection. However, by including it, a
signature can sign the hash (in addition to or instead of signing the
ciphertext), providing strong authentication and integrity protection.

> I propose we leave this up to the application rather than defining
> the digest elements as part of CipherData

As these elements are optional, we do not exclude the other method. If we
remove them, we cannot use this more efficient and flexible method.

> Alternatively we can leave the optional DigestMethod, DigestData
> elements in the schema but suggest that stronger (source) integrity be
> obtained with a signature.

The stronger integrity and authentication require, of course, signatures, but
the signatures can be applied to the hash of the plaintext (DigestValue).

> < Frederick
> 
> hirsch@zolera.com
> 

Received on Wednesday, 27 June 2001 03:55:47 UTC
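
The distinction drawn in the reply above, that a bare digest gives no protection until a signature covers it, shown as an added example that is not part of the original message or of the XML Encryption specification. Assumptions: SHA-256 as the digest, HMAC-SHA256 standing in for an XML Signature over the digest value, the encryption step left out, and all function and field names hypothetical.

```python
import hashlib
import hmac


def digest(plaintext: bytes) -> bytes:
    """Unkeyed digest of the plaintext (the role DigestValue plays in the thread)."""
    return hashlib.sha256(plaintext).digest()


def sign_digest(key: bytes, digest_value: bytes) -> bytes:
    """Keyed authentication over the digest; stand-in for a signature (assumption)."""
    return hmac.new(key, digest_value, hashlib.sha256).digest()


def package(plaintext: bytes, key: bytes) -> dict:
    """Sender side: content, its digest, and a signature covering only the digest."""
    d = digest(plaintext)
    return {"content": plaintext, "digest": d, "signature": sign_digest(key, d)}


def check_digest_only(msg: dict) -> bool:
    """Receiver that trusts the unkeyed digest alone."""
    return hmac.compare_digest(digest(msg["content"]), msg["digest"])


def check_signed_digest(msg: dict, key: bytes) -> bool:
    """Receiver that also requires a valid signature over the digest."""
    if not check_digest_only(msg):
        return False
    expected = sign_digest(key, msg["digest"])
    return hmac.compare_digest(expected, msg.get("signature", b""))


def substitute(msg: dict, new_content: bytes) -> dict:
    """Model a party without the signing key swapping the content.

    An unkeyed digest can be recomputed by anyone; the signature cannot.
    """
    forged = dict(msg)
    forged["content"] = new_content
    forged["digest"] = digest(new_content)
    return forged


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample value
    original = package(b"amount=10", key)  # constructed sample content
    forged = substitute(original, b"amount=9000")
    print("digest only accepts forged:", check_digest_only(forged))
    print("signed digest accepts forged:", check_signed_digest(forged, key))
```

The signature here covers only the fixed-size digest rather than the full content or ciphertext, which is the efficiency the reply refers to.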