RE: Xenc Requirements req - comments on security and other issues

Amir,

Thanks for the correction; I'm not familiar with "chosen signature" attacks.
I guess that proves that I'm not a cryptographer :-)

But my main point remains.... how feasible is it for an attacker (be they a
dishonest signer, a dishonest recipient, or
an attacker in the middle who's trying to foul the relationship between the
two) to mount such an attack presuming the types of cryptosystems proposed
for this standard?  If we're going to list it as a security consideration,
we should be able to approximate the level of risk so implementers can make
an informed decision.

--Jeremy

Received on Monday, 16 April 2001 12:52:17 UTC