W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2001

Re: Signing and Encryption

From: Joseph Ashwood <jashwood@arcot.com>
Date: Thu, 1 Feb 2001 13:43:33 -0800
Message-ID: <110001c08c9a$e7542ec0$2a0210ac@livermore>
To: <xml-encryption@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
----- Original Message -----
From: "Joseph M. Reagle Jr." <reagle@w3.org>
> what *must* be encrypted in a Signature when the
> content it signs is also encrypted: the Reference Digests (hashes over
> content being signed: yes), the SignatureValue (hash+key over SignedInfo:
> ?), or both?

Both. In even the most obscure signature algorithms the hash can be verified
by knowing the hash and the public key.
Received on Thursday, 1 February 2001 17:04:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:02 UTC