- From: John Cowan <jcowan@reutershealth.com>
- Date: Fri, 29 Jun 2001 16:18:28 -0400
- To: "Joseph M. Reagle Jr." <reagle@w3.org>
- CC: imamu@jp.ibm.com, maruyama@jp.ibm.com, xml-encryption@w3.org

Joseph M. Reagle Jr. wrote:

> For example, Alice wishes to order and pay for a book from Bob using the
> mutually trusted payment system ZipPay. Bob creates an order form
> including the book title, price and his account info. He wants to sign
> all of this information, but will subsequently encrypt his account info
> for ZipPay only.

So far so good.

> He sends this to Alice who affirms the book title and
> price, signs the form

Now on your "sign only what is seen" principle, shouldn't Alice sign the title and price only? Then we have a signature covering the whole plaintext document, and another covering part of the plaintext document. ZipPay can decrypt Bob's info and then verify both signatures: no need for verify-decrypt-verify, although of course that will work as well.

--
There is / one art             || John Cowan <jcowan@reutershealth.com>
no more / no less              || http://www.reutershealth.com
to do / all things             || http://www.ccil.org/~cowan
with art- / lessness           \\ -- Piet Hein

Received on Friday, 29 June 2001 16:18:29 UTC
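
Added example, not part of the original message: a Python sketch of the flow described in the reply above, where Bob signs the whole plaintext form, Alice signs only the title and price, and ZipPay decrypts once and then verifies both signatures. HMAC with constructed demo keys stands in for each party's signature, a SHA-256 keystream XOR stands in for encryption to ZipPay, and all function names and field values are hypothetical.

```python
import hashlib, hmac, json

# Constructed demo keys. HMAC stands in for each party's signature and a
# SHA-256 keystream XOR stands in for encryption to ZipPay (assumptions).
BOB_KEY, ALICE_KEY, ZIPPAY_KEY = b"bob-demo", b"alice-demo", b"zippay-demo"

def canon(fields):
    """Deterministic byte encoding of the fields a signature covers."""
    return json.dumps(fields, sort_keys=True).encode()

def sign(key, fields):
    return hmac.new(key, canon(fields), hashlib.sha256).hexdigest()

def verify(key, fields, sig):
    return hmac.compare_digest(sign(key, fields), sig)

def xor_stream(key, data):
    """Toy symmetric cipher (encrypt == decrypt); not for real use."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def bob_creates_order():
    # Constructed sample order form.
    plain = {"title": "Example Book", "price": "12.00", "account": "BOB-0001"}
    sig_bob = sign(BOB_KEY, plain)  # covers the whole plaintext form
    enc = xor_stream(ZIPPAY_KEY, plain["account"].encode()).hex()
    return {"title": plain["title"], "price": plain["price"],
            "account_enc": enc, "sig_bob": sig_bob}

def alice_affirms(order):
    # Alice signs only what she can see: title and price.
    seen = {"title": order["title"], "price": order["price"]}
    return dict(order, sig_alice=sign(ALICE_KEY, seen))

def zippay_checks(order):
    # Decrypt once, then verify both signatures over plaintext.
    raw = xor_stream(ZIPPAY_KEY, bytes.fromhex(order["account_enc"]))
    seen = {"title": order["title"], "price": order["price"]}
    full = dict(seen, account=raw.decode(errors="replace"))
    return (verify(BOB_KEY, full, order["sig_bob"])
            and verify(ALICE_KEY, seen, order["sig_alice"]))
```

Changing the price after Alice signs, or altering the encrypted account field, makes `zippay_checks` return `False`, because each signature is checked against the plaintext it was computed over.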