Subject: Re: Issue PR014: Signature protection semantics clarification
That was a good point to include this in [Signature Protection] property "The primary signature element is not required to be encrypted if the value is ‘true’ when there is nothing else in the message that is encrypted".
However, I have a question here: Instead of saying "nothing else in the message", shouldn't we be more specific and say:
"The primary signature element is not required to be encrypted if the value is ‘true’ when there is nothing in the message that is covered by this signature encrypted".
Let us take the following case:
If you encrypt <abc>, and sign <xyz>, you create a signature
Now going by the original statement in the spec, it would be ok to encrypt this signature whereas the element it covers is still left in the clear. In this case also IMO, there is no significant gain in the security.
If however, abc is signed using this primary signature, then encrypted, and then if this signature was confidentiality protected, it would be more meaningful.
So IMO, the primary signature element should be protected (when the property is true of course) when it covers at least something which is encrypted, and not anything in the message which is encrypted which I infer from the original clause.
Please share your thoughts.