pem-dev

Signed objects vs. signed comments

1993-05-04 16:40:00

The question is instead whether or not
others can assume that what you "said" is in fact your actual position on an
issue or whatever. In the case of a text/plain object there's little issue -
it nominally contains words you authored (unless otherwise indicated by the
context). However, as I said before, the act of forwarding and signing a
message should not be construed as endorsement of whatever the message
contains.

Sounds like what's needed here is the concept of Signed Attributes.  A
Signed Attribute could be a comment, position, endorsement (or lack
thereof) associated with a particular message.  The semantics of a
signed attribute could be done in such a way that the signature on the
whole (message plus attributes) would not be valid if either were
modified or not present.

See PKCS #7 (available via anonymous ftp from rsa.com) for more
details.

Cheers,
Steve Dusse
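
The binding described in the message above, sketched as an added example that is not part of the original post and does not reproduce the PKCS #7 encoding: the message digest is carried as one of the attributes and the signature covers the whole attribute set, so changing the message, changing an attribute, or dropping an attribute all fail verification. Assumptions: HMAC-SHA256 with a shared key stands in for the signer's public-key signature, sorted-key JSON stands in for a canonical encoding, and the `signer-stance` attribute and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample values. HMAC-SHA256 with a shared key stands in for the
# signer's public-key signature so the example runs on the standard library.
KEY = b"constructed-demo-key"
FORWARDED = b"Forwarded text written by someone else."
ATTRS = {"signer-stance": "forwarded-without-endorsement"}  # hypothetical attribute
REQUIRED = ("message-digest", "signer-stance")

def _encode(attrs):
    # Canonical byte encoding of the attribute set (sorted-key JSON here).
    return json.dumps(attrs, sort_keys=True, separators=(",", ":")).encode()

def sign(key, message, attrs):
    # The message digest becomes one of the attributes, and the signature is
    # computed over the whole attribute set, binding message and attributes.
    signed = {**attrs, "message-digest": hashlib.sha256(message).hexdigest()}
    return signed, hmac.new(key, _encode(signed), hashlib.sha256).hexdigest()

def verify(key, message, signed_attrs, signature):
    # Absent attributes invalidate the signature, not just altered ones.
    if not isinstance(signed_attrs, dict):
        return False
    if any(name not in signed_attrs for name in REQUIRED):
        return False
    expected = hmac.new(key, _encode(signed_attrs), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature):
        return False
    digest = hashlib.sha256(message).hexdigest()
    return hmac.compare_digest(str(signed_attrs["message-digest"]), digest)

def demo():
    attrs, sig = sign(KEY, FORWARDED, ATTRS)
    flipped = {**attrs, "signer-stance": "endorsed"}
    stripped = {k: v for k, v in attrs.items() if k != "signer-stance"}
    return {
        "intact": verify(KEY, FORWARDED, attrs, sig),
        "message_modified": verify(KEY, FORWARDED + b" (edited)", attrs, sig),
        "attribute_modified": verify(KEY, FORWARDED, flipped, sig),
        "attribute_removed": verify(KEY, FORWARDED, stripped, sig),
        "attributes_absent": verify(KEY, FORWARDED, None, sig),
    }

if __name__ == "__main__":
    print(demo())
```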


