- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 02 Jul 2001 11:42:13 -0400
- To: John Cowan <jcowan@reutershealth.com>
- Cc: imamu@jp.ibm.com, maruyama@jp.ibm.com, xml-encryption@w3.org
At 16:18 6/29/2001, John Cowan wrote: >Now on your "sign only what is seen" principle, shouldn't Alice sign the >title and price only? Then we have a signature covering the >whole plaintext document, and another covering part of the plaintext >document. ZipPay can decrypt Bob's info and then verify both >signatures: no need for verify-decrypt-verify, although of course that >will work as well. Yes, this is possible, but I didn't want to confuse the partial signature possibility with the verify-decrypt-verify in the simple scenario... Actually, with the proposed text, we could add a parenthesis making this clear but I'm not sure if it confuses the issue... /+(Alice's signature over Bob's encrypted data does not mean she signs its clear text equivalent; as Alice only "signs what she sees", she signs the encrypted data and nothing more.)+/ -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Monday, 2 July 2001 11:42:24 UTC