[Top] [All Lists]

Re: Signed Label (was RE: 'Signature Purpose' attribute?)

1998-04-15 00:50:44
Bits removed


1) Don't know which signature to use. This is why the Signature Purpose
attribute was proposed. With the signatures tied into a purpose it can be
left up to site policy. (Dangerous words I think :-) ).

IMHO, the signaturePurpose attribute should not be used for access control
purposes.  For example, what happens if every additional signer includes a
signaturePurpose indicating that she is the original signer???


Doesn't your example question the use of signaturePurpose for anything? As
to what happens, well that would be down to the recipients own security
policy. If I received such a packet I would certainly question its worth,
since it would indicate that somebody is not processing the message correctly.

William Ottaway,             Tel: +44 (0)1684 894079
DERA Malvern,                Fax: +44 (0)1684 896113
St. Andrews Road,            email: 
Worcs, WR14 3PS