- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 15 Mar 2001 15:04:35 -0500
- To: Paul Lambert <Paul.Lambert@cosinecom.com>
- Cc: xml-encryption@w3.org
At 13:00 3/2/2001 -0800, Paul Lambert wrote:
>Integrity check mechanisms are required to validate the success of the
>decryption process. Without an integrity check, the random data (from
>decryption with the wrong key) would processed and would occasionally be
>parsed as "correct" data.
Paul, thank you for this clarification on checksum versus MAC. People agreed
at the FTF that we should enable integrity checking [1] and it is now in the
requirements document [2].
[1] http://www.w3.org/Encryption/2001/Meetings/0301-Boston/minutes.html
>4.2.7 Message authentication
>We will do some integrity, such as a checksum, combined with the
>encryption; at least one encryption + checksum category will be included;
>AES with SHA1 and 3DES with SHA1; see earlier discussion on IV as part of
><CipherText>; encryption with an MDC
[2] http://www.w3.org/Encryption/2001/03/07-xml-encryption-req.html
>5. Security
>2. As already stated, the specification should provide for the optional
>creation of a checksum over the data encrypted in the ciphertext. (This
>enables an application to verify the success of the decryption process
>instead of continuing to process data with the wrong key.) {List: Lambert,
>FTF1}
__
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 15 March 2001 15:04:46 UTC