[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [office] RE: Part 3 CD01 7.2.1 PD1.4 Forbids encryption of signatures
"Dennis E. Hamilton" <dennis.hamilton@acm.org> wrote on 04/30/2010 12:09:12 PM: > > [office] RE: Part 3 CD01 7.2.1 PD1.4 Forbids encryption of signatures > > I have an immediate concern about further hacking of digital-signature > provisions. I think we SHOULD NOT make the addition proposed in > OFFICE-2656. > > I am frightened to see this increasing complexity by what appears to be > last-minute instant design of provisions that have serious security, > privacy, and authentication implications. I MUST object. > I don't see this proposal as introducing complexity. It is just defining the behavior for the real-world complexity that already exists. You can receive an encrypted documented and then want to sign it. And you can receive a signed document and want to encrypt it. These are two independent real-world actions that may be done by different agents. But since they manipulate some of the same package structures we need to be clear about how these operations relate and what ordering constraints we have. I agree that this is an area we need to get right. So what do we need to do to make sure we get it right? -Rob
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]