I disagree. We said that encryption is an application
function for v1.0 because XML encryption was nacent and
unfinished. When it becomes a W3C Recommendation, we agreed
to revisit the issue from an MSH perspective.
If the "application" wants to use S/MIME to encrypt the
payload, then it is free to do so, but the S/MIME encrypted
payload then becomes an opaque payload from the MSH perspective.
As to whether or not it is "correct" to sign an encrypted
payload is not an answerable question without a specific
context. I don't think that we can say one way or another
whether it is right or wrong in any absolute terms.
Cheers,
Chris
David Fischer wrote:
> No, it is incorrect to sign an encrypted payload. See my message to Arvola. It
> is a function of the MSH to encrypt, after signing.
>
> Regards,
>
> David Fischer
> Drummond Group.
>
>