On 18.03.2023 00:15, Lucas Pardue wrote: > Hi Julian, > > On Sun, 12 Mar 2023, 13:13 Julian Reschke, <julian.reschke@gmx.de > <mailto:julian.reschke@gmx.de>> wrote: > > Hi there, > > > Signatures are likely to be deemed an adversarial setting when > applying Integrity fields; see Section 5. Using signatures to protect > the checksum of an empty representation allows receiving endpoints to > detect if an eventual payload has been stripped or added. > > I understand the case where a representation was *added* (where > previously it was empty). But the opposite case? > > > Thanks for raising this. IIRC I think the intention was to describe a > scenario where signatures are used with digest and that either a) there > is nothing to send, so use the empty representation digest (helping to > spot addition) b) there is something to send, so send the digest of that > and then if the payload gets stripped, the receiver can detect the > digest doesn't match that of an empty representation and then bail. But in case (b), you are not doing what the spec currently says: "Using signatures to protect the checksum of an empty representation..."??? /me still confused > ... Best regards, JulianReceived on Saturday, 18 March 2023 11:01:27 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 18 March 2023 11:01:29 UTC