- From: Yongge Wang <ywang@certicom.com>
- Date: Mon, 26 Mar 2001 20:39:59 -0500 (EST)
- To: Joseph Ashwood <jashwood@arcot.com>
- cc: "Xml Encrypt (E-mail)" <xml-encryption@w3.org>
> > an encrypted version of it for confidentiality). Right? > > > > You seem to think this is justified for a `very good security reasons`. > > Right? > > > > Question: what are these security reasons? > > Well the security reason is that if the signature doesn't include enough > randomness then the signature can be guessed. Which leads to potential > compromises. First I think this is a XML-DSIG problem. Secondly, DSA and ECDSA all require to have a random seed "r" for each signature. And the security issues are discussed in the DSA or ECDSA standard. It is not a problem for XML-Encryption. Also generally the signatures are on plaintext. So this is really no reason to exclude the case that one can sign on a plaintext. Most contract are signed on plaintext (of course, need to hash it first). Yongge ----------------------------------- Yongge Wang -- Crypto Mathematician http://cs.uwm.edu/~wang/ -----------------------------------
Received on Monday, 26 March 2001 20:40:02 UTC