Re: Signing and Encryption

How about this suggestion?

Each time you encrypt some parts of an element (or the entire element),
change the ID value of that element. Then, if the signature is on that
element, it will be clear whether the signature is first or the encryption is first.

But this will not work if the entire document is encrypted?
(might also work, since we can change the document name to xxx.enc)

Regards,
Yongge

>At 13:08 1/22/2001 -0500, Frederick J. Hirsch wrote:
>>4. Assume party C receives the document with the encrypted element and the
>>signature and wishes to verify the signature. The reference is valid since
>>the encrypted element has the "a" Id, so the signature could be over the
>>encrypted element or over the unencrypted element. One approach would be to
>>attempt to verify the signature with the reference to the encrypted element -
>>this is the correct behaviour since this is what the reference refers to. If
>>it fails, the verifier could detect that the element was encrypted, decrypt
>>it, and try again.
>
>Hi Fred,
>
>I think this only works when the signature/encryption is of the same
>granularity, right? What happens if you want to encrypt children of the
>element signed? You would revert to having to validate the parent element,
>then try to validate it under all permutations of its children decrypted I think.

Received on Wednesday, 31 January 2001 15:37:12 UTC
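
An added example, not part of the original thread: the try, decrypt, retry verification discussed above, extended to encrypted children, where the verifier has to test subsets of decrypted children. Assumptions: base64 stands in for real encryption, a SHA-256 digest over `ET.tostring` stands in for canonicalization plus signature validation, and the `order` document is constructed sample data.

```python
import base64
import copy
import hashlib
import itertools
import xml.etree.ElementTree as ET

def digest(elem):
    # Stand-in for "canonicalize, then hash"; real XML Signature uses C14N.
    return hashlib.sha256(ET.tostring(elem)).hexdigest()

def encrypt_child(parent, index):
    # Placeholder "encryption" (base64 only) so the example runs offline.
    enc = ET.Element("EncryptedData")
    enc.text = base64.b64encode(ET.tostring(parent[index])).decode()
    parent[index] = enc

def decrypt_child(parent, index):
    parent[index] = ET.fromstring(base64.b64decode(parent[index].text))

def verify(elem, signed_digest):
    """Return the child indices that had to be decrypted for the digest
    to match, () if it matches as received, or None if nothing matches."""
    encrypted = [i for i, c in enumerate(elem) if c.tag == "EncryptedData"]
    # Try the element as received first, then every subset of decrypted
    # children: up to 2**n digest computations for n encrypted children.
    for size in range(len(encrypted) + 1):
        for subset in itertools.combinations(encrypted, size):
            trial = copy.deepcopy(elem)
            for i in subset:
                decrypt_child(trial, i)
            if digest(trial) == signed_digest:
                return subset
    return None

def demo():
    # Constructed sample: "card" is encrypted before signing,
    # "note" is encrypted after signing.
    order = ET.fromstring(
        '<order Id="a"><item>book</item><card>4111</card><note>gift</note></order>'
    )
    encrypt_child(order, 1)
    signed = digest(order)
    encrypt_child(order, 2)
    return verify(order, signed)

if __name__ == "__main__":
    print(demo())
```

The returned tuple tells the verifier which encryptions happened after signing; the search grows exponentially with the number of encrypted children, which is the cost an explicit ordering marker would avoid.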