- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 31 Jul 2001 17:16:00 -0400
- To: Don Davis <dtd@world.std.com>
- Cc: "XML Encryption WG " <xml-encryption@w3.org>, <SMathews@conclusive.com>

At 10:54 7/30/2001, Don Davis wrote:
> "When an encrypted envelope contains a signature,
> the signature does not protect the authenticity
> or integrity of the ciphertext, even though the
> signature does protect the integrity of the plaintext.
> Accordingly, most applications should take care
> to prevent the unauthorized replacement of the
> encrypted envelope."

I admit I'm beginning to lose traction on these nuances, but the proposed text in XMLDSIG says what your first sentence says (the ciphertext form) *and* don't infer authenticity or integrity over "envelope headers." If you think that detracts from the warning about ciphertext form, I can delete it.

I disagree with your second sentence as it brings in issues of authorization and violates the principle of the warnings: if you want to prevent unauthorized replacement, sign it.

[1]
Second, an envelope containing signed information is not secured by the signature. For instance, when an encrypted envelope contains a signature, the signature does not protect the authenticity or integrity of unsigned envelope headers nor its ciphertext form, it only secures the plaintext actually signed.

--
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/

Received on Tuesday, 31 July 2001 17:16:05 UTC
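
The distinction drawn in [1] above, shown as an added example that is not part of the original message or of the XMLDSIG text: a signature over the plaintext still verifies after the envelope headers and ciphertext are replaced, while a signature that also covers the headers does not. Assumptions: HMAC-SHA256 stands in for a public-key signature, `toy_cipher` is a constructed stand-in for real encryption, and all names, keys and header fields are hypothetical.

```python
import hashlib, hmac, json

SIGN_KEY = b"constructed-signing-key"  # assumption: HMAC stands in for the signer's key

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream; a constructed stand-in, not a real cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def signed_bytes(headers: dict, plaintext: bytes, bind_headers: bool) -> bytes:
    """What the signature covers: the plaintext, plus the headers only if bound."""
    extra = json.dumps(headers, sort_keys=True).encode() if bind_headers else b""
    return extra + plaintext

def sign(data: bytes) -> bytes:
    return hmac.new(SIGN_KEY, data, hashlib.sha256).digest()

def seal(headers, plaintext, enc_key, bind_headers=False) -> dict:
    """Sign, then encrypt signature + plaintext under enc_key."""
    inner = sign(signed_bytes(headers, plaintext, bind_headers)) + plaintext
    return {"headers": headers, "ciphertext": toy_cipher(enc_key, inner)}

def open_and_verify(envelope, enc_key, bind_headers=False) -> bool:
    inner = toy_cipher(enc_key, envelope["ciphertext"])
    sig, plaintext = inner[:32], inner[32:]
    expected = sign(signed_bytes(envelope["headers"], plaintext, bind_headers))
    return hmac.compare_digest(sig, expected)

def rewrap(envelope, old_key, new_key, new_headers) -> dict:
    """Same signed plaintext carried in an envelope with new headers and ciphertext."""
    inner = toy_cipher(old_key, envelope["ciphertext"])
    return {"headers": new_headers, "ciphertext": toy_cipher(new_key, inner)}

def demo():
    k1, k2 = b"constructed-key-1", b"constructed-key-2"
    h1, h2 = {"to": "bob", "from": "alice"}, {"to": "carol", "from": "bob"}
    msg = b"constructed sample message"
    plain = rewrap(seal(h1, msg, k1), k1, k2, h2)
    bound = rewrap(seal(h1, msg, k1, True), k1, k2, h2)
    # (True, False): only the signature that covers the headers notices the change
    return open_and_verify(plain, k2), open_and_verify(bound, k2, True)

if __name__ == "__main__":
    print(demo())
```

Even with the headers bound, the ciphertext form itself is still not covered: re-encrypting the same inner bytes under another key with unchanged headers verifies, because only what was actually signed is secured.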