- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Wed, 01 Aug 2001 13:49:59 -0400
- To: "Plambeck, Thane" <tplambeck@verisign.com>, Don Davis <ddavis@curl.com>
- Cc: "'xml-encryption@w3.org'" <xml-encryption@w3.org>
Thank you for putting proposals out there, makes things a bit more concrete. I would like to keep it short, and I also don't want to imply "correction" or "detection" as that is counter to the warnings we're trying to make. So, how about the following for Encryption: >When an encrypted envelope contains a signature, the signature does not >necessarily protect the authenticity or integrity of the ciphertext [Davis]. > >Furthermore, while the signature secures plaintext it only covers that >which is signed, recipients of encrypted messages must not infer integrity >or authenticity of other unsigned information (e.g., headers) within the >encrypted envelope, see [XMLDSIG, 8.1.1 Only What is Signed is Secure]. -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Wednesday, 1 August 2001 13:52:23 UTC