Message-Id: <s5a13da8.038@novell.com>
Date: Mon, 06 Jul 1998 21:11:42 -0600
From: "Vishal Goenka" <vgoenka@novell.com>
To: db@Eng
Subject: Re: java.security.Signature doesn't support data recovery
I believe the goal is to let the recipient recover the data on which the =
signature is generated, just from the signature. Signature (which is =
typically the encrypted digest) allows message integrity check, and given =
the original data, one can verify the integrity of the data from the =
signature. Signature with Data Recovery would allow message integrity =
check as well as recovery of data from the signature itself.=20
Essentially Signature with Recovery addresses confidentiality as well as =
integrity, whereas Cipher addresses only confidentiality, while Signature =
addresses only Integrity.
Hope this makes it clearer.
Vishal
>>> David Brownell <db@Eng.Sun.COM> 07/07/98 04:08AM >>>
Vishal Goenka wrote:
>=20
> Signature with data recovery is not supported in
> current java.security.Signature. Comments ??
Since it's a signature, no data is hidden or lost; nothing's
to recover. Am I missing something?
If the goal is to let third parties access your signature
keys (why??) it's simple enough just to escrow them with
said third party directly.
- Dave
> Vishal Goenka
> Novell