Re: java.security.Signature doesn't support data recovery

Vishal Goenka (vgoenka@novell.com)
Mon, 06 Jul 1998 21:11:42 -0600

Message-Id: <s5a13da8.038@novell.com>
Date: Mon, 06 Jul 1998 21:11:42 -0600
From: "Vishal Goenka" <vgoenka@novell.com>
To: db@Eng
Subject: Re: java.security.Signature doesn't support data recovery

I believe the goal is to let the recipient recover the data on which the =
signature is generated, just from the signature. Signature (which is =
typically the encrypted digest) allows message integrity check, and given =
the original data, one can verify the integrity of the data from the =
signature. Signature with Data Recovery would allow message integrity =
check as well as recovery of data from the signature itself.=20

Essentially Signature with Recovery addresses confidentiality as well as =
integrity, whereas Cipher addresses only confidentiality, while Signature =
addresses only Integrity.

Hope this makes it clearer.

Vishal

>>> David Brownell <db@Eng.Sun.COM> 07/07/98 04:08AM >>>
Vishal Goenka wrote:
>=20
> Signature with data recovery is not supported in
> current java.security.Signature. Comments ??

Since it's a signature, no data is hidden or lost; nothing's
to recover. Am I missing something?

If the goal is to let third parties access your signature
keys (why??) it's simple enough just to escrow them with
said third party directly.

- Dave

> Vishal Goenka
> Novell