OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [office] Document integrity vs. authenticity

I don't know what it means to use an automated process to verify a
document's integrity.  I'm not sure which sense of integrity we have in

Signatures are good ways to deal with authenticity, depending on what it is
the signature attests to that is not refutable.  My reading is that XML Dsig
does not establish what that might be, although it recognizes that the
nature of the signing might embody some sort of claim when a document is
signed in that manner.

If you are concern that the document has not been damaged in some way, and
then encrypted, it is up to an entity with the authority to decrypt it to
determine that.  Almost by definition, no other entity is trusted to do

If we want to know that the package is undamaged and is not a counterfeit,
having some sort of external verifier that a received file is the one that
was created for that purpose can be accomplished by other means. These are
sometimes called signatures, but they don't require XML Dsig.

Digests are good enough to be thought of as signatures in this specific
case, and if we want to be fancy, signed digests can be (and are) used.
None of these practices have to dig into the package at all and there is no
concern for package-internal encryption, digital signature, or any other
presumed structure.  I suspect that is why HMAC stands for Hash-based
Message Authentication Code.  

Is it this last kind of authentication you are concerned about?

-----Original Message-----
From: Malte.Timmermann@Sun.COM [mailto:Malte.Timmermann@Sun.COM] 
Sent: Thursday, May 06, 2010 02:04
To: David LeBlanc
Cc: dennis.hamilton@acm.org; 'Patrick Durusau'; ODF TC List
Subject: Re: [office] OFFICE-2656: Default Signing After Encryption is

Davin, Dennis.

I fully agree that there are valid use cases that the signature of an
encrypted document MAY also be encrypted.

But you also should agree that there are valid use cases to not encrypt
the signature, because you then can't verify document integrity in
automated processes w/o knowing the encryption keys.

[ ... ] 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]