- From: Don Davis <dtd@world.std.com>
- Date: Tue, 29 Aug 2000 08:24:41 -0500
- To: Malte Borcherding <Malte.Borcherding@brokat.com>, Stephen Farrell <stephen.farrell@baltimore.ie>
- Cc: xml-encryption@w3.org

Malte Borcherding wrote:
>... I do not consider a system insecure which does
> not mandate sign/wrap/sign security.

mr. borcherding, neither do i. i don't propose that signed & encrypted xml documents should carry an extra signature. i do propose that xml documents should instead use explicit embedded names, whenever signature and encryption are used together.

if neither an extra signature nor embedded names are included, in signed & encrypted xml documents, then the message is not fully secure.

it seems plain that the xml encryption specification should guide developers towards secure implementations. yes, such guidance will constrain applications somewhat. such constraint is always a price of secure operation.

Stephen Farrell wrote:
> ...for the specific case of signed(wrapped(msg)), since
> the keyInfo in the Signature carries identification, if
> that were inside the encryption then the solution would
> be neat.

conversely, for wrapped(sign(msg)), the signed text should include the decryptor's keyinfo (or some other form of his name).

- don davis, boston
-

Received on Tuesday, 29 August 2000 08:25:40 UTC
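
The rule in the last paragraph of the message above, that for wrapped(sign(msg)) the signed text should include the decryptor's name, sketched as an added example (not code from the message or from any XML Encryption implementation). The names `sign_for` and `accept`, the JSON layout and the toy RSA key are assumptions for illustration; the encryption layer is omitted, so `accept` runs on the plaintext the decryptor has already recovered.

```python
import hashlib
import json

# Toy RSA signing key built from two known Mersenne primes (constructed for
# this example; far too small and unpadded for real use).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))


def _digest(data: bytes) -> int:
    # SHA-256 of the signed text, reduced into the toy modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign_for(sender: str, recipient: str, body: str) -> dict:
    """Sign the body together with the intended decryptor's name."""
    signed_text = json.dumps(
        {"from": sender, "to": recipient, "body": body}, sort_keys=True
    )
    return {"signed_text": signed_text,
            "sig": pow(_digest(signed_text.encode()), D, N)}


def accept(plaintext: dict, my_name: str) -> str:
    """Run by the decryptor on the plaintext of wrapped(sign(msg))."""
    text = plaintext["signed_text"]
    if pow(plaintext["sig"], E, N) != _digest(text.encode()):
        raise ValueError("bad signature")
    fields = json.loads(text)
    # The embedded name is covered by the signature, so it tells the
    # decryptor whom the signer actually addressed.
    if fields["to"] != my_name:
        raise ValueError(f"signed for {fields['to']!r}, not {my_name!r}")
    return fields["body"]


if __name__ == "__main__":
    doc = sign_for("alice", "bob", "the deal is off")  # constructed sample
    print(accept(doc, "bob"))
    try:
        accept(doc, "charlie")
    except ValueError as err:
        print("rejected:", err)
```
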