Surreptitious Forwarding

Completing an action item from last week's xmlenc f2f:

>After further discussion, the group agrees to include a
>statement akin to, "the presence of encryption does not imply
>anything about integrity or authenticity of the message" and
>include a reference to those sections ("see what you sign") of
>xmldsig; add a sentence in XML-dsig with this recipient issue as an
>example. Action Reagle: do the edits to xmlenc and
>xmldsig specs.

Encryption now reads:

>6.1 Relationship to XML Digital Signatures
>Also, recipients of encrypted messages must remember that
>encryption itself does not imply anything about the integrity or
>authenticity of that data [XMLDSIG, 8.1.1 Only
>What is Signed is Secure].

DSig now reads:

Second, information that is not signed but part of an
envelope containing signed information is obviously not secured.
For instance, unsigned recipient headers accompanying signed
information within an encrypted envelope does not have its authenticity or 
integrity protected.

Joseph Reagle Jr.       
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair
W3C XML Encryption Chair

Received on Wednesday, 25 July 2001 15:56:29 UTC