[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [dss] client-side hashing
At 09:30 AM 2/5/2003 -0500, Kaliski, Burt wrote: >Is there any interest in a blind signature service? In such a service, the >server would return a digital signature without ever seeing the hash. This >would prevent the server from subsequently "linking" the digital signature >with the user who requested it. Would be neat. The only scheme I'm familiar with, Chaum's RSA blinding, requires the client to know the server's public key, which is a slight inconvenience. And is patented until 2005. If the protocol is generic enough that a client sends a list of ds:References, and a selector for what type of signature he wants (CMS, XML DSIG, etc.), then might protocol support for this be as simple as just specifying a new ds:DigestMethod? -http://www.w3.org/2000/09/xmldsig#sha1WithRSABlinding Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC