Re: Simplifying S/MIME v31997-10-14 15:00:23signedandEnvelopedData has a flaw. An attacker can stip the signature from the message, then by changing the OID, the recipient will think that the message we encrypted. This attack is mitigated by using signedData and envelopedData independently. Russ
|
|