RE: [ActiveDir] Which is better

Thu, 28 Oct 2004 13:10:32 -0700 

You also have to look at what each method doesn't do.

1. Digital signature
        Proves the message was sent by you
        Allows anyone to read the message

2. Digital envelope
        Only the desired recipient can read the message
        Doesn't prove the message was from you

A truly secure transfer requires both techniques to be used but sometimes one step is 
all you need.

A digital signature is similar to having your signature "notarized" on a loan 
application. Also, when you download a new device driver it could be digitally signed 
so you can be sure that you are actually getting a driver from your hardware vendor, 
not a hacker. However the message is now the equivalent of a postcard or a billboard 
by the side of the road.

If you are placing a message into a portable storage media (floppy, usb key, portable 
hard disk, etc) that a courier is going to hand carry to the recipient then the 
digital envelope would keep the courier from looking at the contents of the message. 
If the courier switched your message with another one, you couldn't know.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 28, 2004 11:53 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Which is better

Well what are you trying to achieve?

Digitally sign just ensures to the receiving arty that the packet has not been 
tampered with. Digitally encrypt ensures that nobody in between can read the contents 
of the packet. 

Thanks.
�
--Brian Desmond
[EMAIL PROTECTED]
Payton on the web! www.wpcp.org
�
v - 773.534.0034 x135
f - 773.534.8101


> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:ActiveDir-
> [EMAIL PROTECTED] On Behalf Of Salandra, Justin A.
> Sent: Thursday, October 28, 2004 1:42 PM
> To: [EMAIL PROTECTED]
> Subject: [ActiveDir] Which is better
> 
> Digitally sign communications
> 
> Or
> 
> Digitally encrypt secure channel data
> 
> Justin A. Salandra, MCSE
> Senior Network Engineer
> Catholic Healthcare System
> 212.752.7300 - office
> 917.455.0110 - cell
> [EMAIL PROTECTED]
> 
> 
> List info   : http://www.activedir.org/mail_list.htm
> List FAQ    : http://www.activedir.org/list_faq.htm
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Reply via email to