Re: Decryption Transform


I understand what you say, but I feel that it's natural to distinguish
signature over encrypted data from signature over its clear text (i.e.,
signing encrypted data does not mean that you agree on its clear text) and
so I like Joseph's example.  Do you know any cases where both signatures
are regarded as the same?

Tokyo Research Laboratory
IBM Research

From: John Cowan <> on 2001/07/03 11:17

Please respond to John Cowan <>

To:   "Joseph M. Reagle Jr." <>
cc:   John Cowan <>, Takeshi
      Imamura/Japan/IBM@IBMJP, Hiroshi Maruyama/Japan/IBM@IBMJP,
Subject:  Re: Decryption Transform

Joseph M. Reagle Jr. scripsit:

> /+(Alice's signature over Bob's encrypted data does not mean she signs
> clear text equivalent; as Alice only "signs what she sees", she signs the
> encrypted data and nothing more.)+/

But now we are back where we started, with Alice taking the role of sucker,
signing what she doesn't understand.

I am arguing that the whole verify-decrypt-verify scenario is bad practice:
it comes about only if people sign encrypted material, *which they should
never do*.  We may need it nonetheless to compensate for pre-existing
bad practice.

John Cowan                         
One art/there is/no less/no more/All things/to do/with sparks/galore
     --Douglas Hofstadter

Received on Tuesday, 3 July 2001 11:24:57 UTC