OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [ebxml-msg] Sign and Encrypt


You proposed order of signing before encrypting works only if the MSH
takes care of both signatures and encryption.

In the current Messaging spec, the MSH is responsible for signing but
not encryption. Therefore, if you are concerned with persistent encryption
of the payload portion of an ebXML message, the encryption will have to
be performed first. The encrypted payload(s) will then have to be passed to
the MSH for packaging and signing.


-----Original Message-----
From: David Fischer <david@drummondgroup.com>
To: ebXML Msg <ebxml-msg@lists.oasis-open.org>
Date: Friday, October 26, 2001 12:02 PM
Subject: [ebxml-msg] Sign and Encrypt

I am looking through the spec and I don't see anywhere that says which to do
first, Sign or Encrypt.  All security protocols of which I am aware always
first and then encrypt.  This may be obvious but I would like to add a note
this effect in section

Note:  When both signature and encryption are required, sign first and then


David Fischer
Drummond Group.

To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC