- From: Malte Borcherding <Malte.Borcherding@brokat.com>
- Date: Tue, 29 Aug 2000 09:25:23 +0200
- To: Don Davis <dtd@world.std.com>
- CC: Ed Simon <ed.simon@entrust.com>, xml-encryption@w3.org
Don Davis wrote:
[...]
> the problem i describe arises wherever:
>
>    * signing and public-key encryption are used together,
>      and
>    * the plaintext document fails to name the signer or
>      the intended decryptor.
>
> if, when signing & encrypting are to be used together,
> neither XML Signature nor XML Encryption mandates any naming,
> then compliant applications will be free to prepare insecure
> XML documents, and XML's security extensions will be rendered
> impotent.

Don,

I do not think that the encryption layer should be used as a means to
securely transport information about the intended recipient, in the
sense that the meaning of the document depends on this information.
It should be possible to peel off the encryption layer without losing
information relevant to the document.

So, if the name of the intended recipient is important for the
interpretation of the document, then it should be stated in the
plaintext. But I think this decision is application-dependent, and I
do not consider a system insecure which does not mandate
sign/wrap/sign security.

Malte

--
---------------------------------------------------------------
Malte Borcherding      Technical Research Manager
Brokat AG              Voice: (+49)711-78844 231
Industriestr. 3        Fax:   (+49)711-78844 779
70565 Stuttgart        WWW:   http://www.brokat.com
Germany                email: Malte.Borcherding@brokat.com
Received on Tuesday, 29 August 2000 03:24:39 UTC