OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office] OFFICE-2656: Default Signing After Encryption isUnacceptable

Dear TC members,

I agree to Malte here, and suggest that rather than discussing whether 
the the one the other way of combining signatures and encryption should 
be default or should be allowed, concentrate on the technical details.

So, we know that ODF 1.2 allows to sign encrypted documents, and we 
heard voices that this is a wanted feature of ODF 1.2. Therefore we 
should keep it.

But there is some uncertainty whether ODF 1.2 also supports encrypting 
signed documents. So, the technical question is whether ODF 1.2 already 
supports this, and if not, what needs to be done to support that.

So, the only kind of discussion that takes the ODF specification forward 
are proposals or clarification that enable ODF to support encryption of 
signed documents (if that is not supported already). I would like to ask 
all TC members to concentrate on this aspect.

Thank you


On 05/06/10 13:06, Malte Timmermann wrote:
> Hi Thorsten,
> it's not worth discussing which of all possible scenarios is the most
> useful one.
> The specification should allow the different scenarios, and not hinder
> any valid use case - everything else is up to the application.
> Malte.
> Thorsten Behrens wrote, On 05/06/10 12:51:
>> Malte Timmermann wrote:
>>> I fully agree that there are valid use cases that the signature of an
>>> encrypted document MAY also be encrypted.
>>> But you also should agree that there are valid use cases to not encrypt
>>> the signature, because you then can't verify document integrity in
>>> automated processes w/o knowing the encryption keys.
>> Hi Malte,
>> well I guess it's really the other way 'round. Honestly, the
>> overwhelmingly standard case is to sign first, then encrypt
>> (RFC1991, 2440, etc etc). Simply put, encryption means protecting
>> document content from plain sight. A signature is part of the
>> document, and usually conveys at least some amount of likely private
>> information, so the default really should be to encrypt that, too.
>> Apart from that, all the nice things from DSIG like only signing node
>> sets really only work with access to the unencrypted xml streams -
>> so I truly feel that signing encrypted documents is the special
>> case, and signing first the norm, with a wealth of useful variations
>> suddenly then getting straight-forward, instead of being a hard
>> problem.
>> Signing first really is sine qua non - everything else is optional.
>> Cheers,
>> -- Thorsten
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 

Michael Brauer, Technical Architect Software Engineering
Sun Microsystems GmbH             Nagelsweg 55
D-20097 Hamburg, Germany          michael.brauer@sun.com
http://sun.com/staroffice         +49 40 23646 500

Sitz der Gesellschaft: Sun Microsystems GmbH, Sonnenallee 1,
	   D-85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Jürgen Kunz

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]