OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office] RE: Part 3 CD01 7.2.1 PD1.4 Forbids encryption ofsignatures

On Fri, 2010-04-30 at 11:13 -0600, robert_weir@us.ibm.com wrote:
> "Andreas J. Guelzow" <andreas.guelzow@concordia.ab.ca> wrote on 04/30/2010 
> 12:53:47 PM:
> > 
> > Re: [office] RE: Part 3 CD01 7.2.1 PD1.4 Forbids encryption of 
> signatures
> > 
> > On Fri, 2010-04-30 at 10:34 -0600, robert_weir@us.ibm.com wrote:
> > > It is just defining 
> > > the behavior for the real-world complexity that already exists.  You 
> can 
> > > receive an encrypted documented and then want to sign it. 
> > 
> > Why would you want to sign an encrypted document? 
> > 
> > Andreas
> It depends on the context.  In some cases signing indicates authorship.  I 
> sign what I wrote.  In other cases signing denotes approval.  I reviewed 
> the document and I sign it to indicate that I approve it.  Whether or not 
> it is also encrypted is an orthogonal question.  Certainly I wouldn't want 
> to sign something I cannot also decrypt.  But I might want to sign 
> something that only a small number of people can read, like a private 
> contract.

As I sign something I should have been able to encrypt it. So it would
be reasonable for me to sign it before I encrypt it, since this shows
that I in fact was able to know what I was signing. If I get an
encrypted and later signed document, I would assume that the signature
was added only to confirm encryption???


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]