- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Mon, 29 Jul 2002 20:51:34 +0200
- To: David Wall <dwall@Yozons.com>, w3c-ietf-xmldsig@w3.org
--On Montag, 29. Juli 2002 10:36 -0700 David Wall <dwall@Yozons.com> wrote: > Has anybody decided whether signing the "real data" versus signing the > "hash" has any legal implications? My impression from a crypto perspective > is that it should be the same since the guarantees are the same, though it's > interesting because the person is now digitally signing meta data and a hash > of a document, rather than the document itself. The question now is whether > anybody will care since I think the binding of the party to the document > would be of the same quality (after all, the digital signature on the "real > data" is just a hash anyway). People probably don't care one way or the > other since it's all pretty much indecipherable to them, but when lawyers > are involved, you just never know! Hm, I'm not sure whether I understand it right. What do you understand under the trem "sign"? If "sign" is the DSA or RSA operation of the signing process, you *never* sign the message directly. What happens is that the message is digested and this digest is signed. In XML Signature, the hash of the message is collected in an intermediary object, the ds:SignedInfo and this is again hashed and DSA'ed. The signing process always involves a cryptographic hash function. Signing "real data", i.e. signing the message directly is not such a good idea as it opens the algorithm to some attacks, especially if you use plain RSA (which would be a very bad idea). Christian
Received on Monday, 29 July 2002 14:48:48 UTC