ietf-smime
[Top] [All Lists]

RE: sender-auth and ira

2001-10-25 20:58:50

"Jim Schaad" <jimsch(_at_)nwlink(_dot_)com> writes:
[Snip]

I think that this is an interesting accademic problem, until I see a real
world need for a solution I think it should be ignored.

Unaccustomed as I am to agreeing with Jim :-), I concur with this opinion.
Anything of any importance (eg electronic payment instruction, contract, etc)
which relies on signatures will include more than enough information in the
signed body to resolve any difficulties, and even if there were some pressing
demand for this (there isn't), it's not at all clear what a correct solution
would be.

Speaking of academic exercises, I'm surprised noone's mentioned Serge
Vaudenay's PKCS #5 padding attack yet...

Peter.


<Prev in Thread] Current Thread [Next in Thread>