- From: Yongge Wang <ywang@certicom.com>
- Date: Thu, 25 Jan 2001 13:25:34 -0500
- To: xml-encryption@w3.org

>> Though signature
>> is different from MAC, but we should keep in mind that digital signature
>> is an extension of MAC.
>
> Actually they are very different in security meaning. In short a MAC is a
> statement that a member of the group authenticates the statement, a
> signature has very real legal meaning. It's the legal meaning that's causing
> all the problems here, without any legal meaning a signature on the
> encrypted data asserts the authenticity of the encrypted data, not what was
> encrypted. Because of the legal meaning we now have to deal with a massive
> number of other options.

Ohhh... I think we are only talking about the security against e.g.,
man-in-middle attacks... and not about the legal issues:-)
If a malicious adversary (outside) can attack the MAC-then-encrypt,
then he might be able to attack SIG-then-encrypt...
that is my point...

Regards,
Yongge

Received on Thursday, 25 January 2001 13:30:05 UTC