Re: Signatures and encryption headers
- From: Fabrice <fabrice.gautier@xxxxxxxxx>
- Date: Wed, 5 Nov 2008 19:11:06 -0800 (PST)
On Nov 5, 2:05 am, "John E. Hadstate" <jh113...@xxxxxxxxxxx> wrote:
"Fabrice" <fabrice.gaut...@xxxxxxxxx> wrote in message
# Anyway, the sign-then-encrypt or
# encrypt-then-sign is definitely part
# of the problem.
# I think I would favor sign the plaintext.
# After all this is what I want to
# authenticate, not some random looking bits.
Encrypt, then sign the whole message, including the unencrypted
But why? It seems that many applications do it the other way around.
For example, we were talking about PGP earlier, and I don't see them
signing the session key for example.
Quoting RFC 2440 (end of section 2.1):
" Both digital signature and confidentiality services may be applied
the same message. First, a signature is generated for the message and
attached to the message. Then, the message plus signature is
encrypted using a symmetric session key. Finally, the session key is
encrypted using public-key encryption and prefixed to the encrypted
They do encrypt the signature, but they do not sign the encryption
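The RFC 2440 ordering quoted above, worked through in code as an added example that is not part of this post or of any PGP implementation. The primitives are assumptions chosen from the Go standard library (Ed25519 for the signature, AES-GCM for the session-key layer, RSA-OAEP to wrap the session key), and the Envelope type and function names are invented here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Envelope follows the RFC 2440 layering: only the session key is public-key encrypted.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP over the session key; nothing signs this part
	Body       []byte // AES-GCM over plaintext || signature
}

var nonce = make([]byte, 12) // a fixed nonce is safe here: every session key is used once

// SignThenEncrypt signs the plaintext first, then encrypts plaintext plus signature.
func SignThenEncrypt(msg []byte, signer ed25519.PrivateKey, rcpt *rsa.PublicKey) (*Envelope, error) {
	body := append(append([]byte{}, msg...), ed25519.Sign(signer, msg)...)
	key := make([]byte, 32)
	rand.Read(key)                 // fresh session key; modern crypto/rand cannot return a short read
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, rcpt, key, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, aead.Seal(nil, nonce, body, nil)}, nil
}

// DecryptThenVerify reverses the layers. The signature is only checkable after
// decryption, so it authenticates the plaintext, not the envelope around it.
func DecryptThenVerify(env *Envelope, rcpt *rsa.PrivateKey, signerPub ed25519.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, rcpt, env.WrappedKey, nil)
	if err != nil || len(key) != 32 {
		return nil, errors.New("session key does not unwrap") // unsigned layer, caught only here
	}
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	body, err := aead.Open(nil, nonce, env.Body, nil)
	n := len(body) - ed25519.SignatureSize // n < 0 short-circuits before slicing
	if err != nil || n < 0 || !ed25519.Verify(signerPub, body[:n], body[n:]) {
		return nil, errors.New("body does not decrypt or signature does not verify")
	}
	return body[:n], nil
}
```

A recipient learns who wrote the plaintext, but damage to the wrapped key or ciphertext is detected by decryption failing, not by any signature over those outer layers.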