W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2001

RE: Integrity Checking Requirement was -> RE: HW Support and XML Encryption Requirements

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Thu, 15 Mar 2001 15:04:35 -0500
Message-Id: <>
To: Paul Lambert <Paul.Lambert@cosinecom.com>
Cc: xml-encryption@w3.org
At 13:00 3/2/2001 -0800, Paul Lambert wrote:
>Integrity check mechanisms are required to validate the success of the 
>decryption process.  Without an integrity check, the random data (from 
>decryption with the wrong key) would processed and would occasionally be 
>parsed as "correct" data.

Paul, thank you for this clarification on checksum versus MAC. People agreed 
at the FTF that we should enable integrity checking [1] and it is now in the 
requirements document [2].

[1] http://www.w3.org/Encryption/2001/Meetings/0301-Boston/minutes.html
>4.2.7 Message authentication
>We will do some integrity, such as a checksum, combined with the 
>encryption; at least one encryption + checksum category will be included; 
>AES with SHA1 and 3DES with SHA1; see earlier discussion on IV as part of 
><CipherText>; encryption with an MDC
[2] http://www.w3.org/Encryption/2001/03/07-xml-encryption-req.html
>5. Security
>2. As already stated, the specification should provide for the optional 
>creation of a checksum over the data encrypted in the ciphertext. (This 
>enables an application to verify the success of the decryption process 
>instead of continuing to process data with the wrong key.) {List: Lambert, 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Thursday, 15 March 2001 15:04:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:02 UTC