
Re: draft-eastlake-additional-xmlsec-uris-00

From: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
Date: Sat, 08 Mar 2008 10:42:22 +0100
Message-ID: <47D25F7E.4080901@iaik.tugraz.at>
To: Eastlake III Donald <Donald.Eastlake@motorola.com>, XMLSec <public-xmlsec-maintwg@w3.org>
CC: Peter Lipp <peter.lipp@iaik.tugraz.at>, public-xmlsec-discuss@w3.org, "w3c-ietf-xmldsig@w3.org" <w3c-ietf-xmldsig@w3.org>
Dear Donald Eastlake,

Eastlake III Donald wrote in [1]:
> Comments for suggestions for additions welcome

Following up on [1] and in addition to [2] we would consider WHIRLPOOL
[4] a useful addition to RFC 4051.

http://www.w3.org/2007/05/xmldsig-more#whirlpool

The addition of the following signature methods is also kindly requested.

Proposed text for RSA-WHIRLPOOL:
> * RSA-WHIRLPOOL Identifier: 
> http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool
> 
> This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described
> in section 2.3.1 but with the ASN.1 BER WHIRLPOOL algorithm 
> designator prefix.  An example of use is
> 
> <SignatureMethod 
> Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool"/>


Proposed addition to section-2.3.6 for RSA-WHIRLPOOL:
> Identifiers ... 
> http://www.w3.org/2007/05/xmldsig-more#ecdsa-whirlpool
> 
> The #ecdsa-whirlpool fragment of the new namespace identifies a 
> signature method processed in the same way as specified by the 
> #ecdsa-sha512 fragment of this namespace
> (http://www.w3.org/2001/04/xmldsig-more) with the exception that 
> WHIRLPOOL is used instead of SHA-512.


kind regards

Konrad Lanz

References:
[1]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Nov/0026.html
[2]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Oct/0032.html
[3]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Nov/0010.html
[4] ISO/IEC 10118-3:2004
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39876


> Eastlake III Donald wrote in [3]: RFC 4051 says that no more URIs 
> will be added under http://www.w3.org/2001/04/xmldsig-more but 
> earlier this year http://www.w3.org/2007/05/xmldsig-more was 
> explicitly allocated for additions.

P.S:
To avoid confusion between the namespaces, maybe the language for
RIPEMD160 in section-2.3.6 should also replace the mentions of "this
namespace" in the same way as in the proposal above.


-- 
Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520
https://www.iaik.tugraz.at/aboutus/people/lanz
http://jce.iaik.tugraz.at

Certificate chain (including the EuroPKI root certificate):
https://europki.iaik.at/ca/europki-at/cert_download.htm





Received on Saturday, 8 March 2008 09:44:16 GMT
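
The PKCS#1 v1.5 encoding that the proposed #rsa-whirlpool text refers to, shown as an added example that is not part of the original message or of RFC 4051: it builds the DER DigestInfo prefix for WHIRLPOOL and the padded block that RSA would sign, and checks a block the way a verifier should. Assumptions: the WHIRLPOOL OID 1.0.10118.3.0.55 comes from ISO/IEC 10118-3 and is not stated in the message, the 64-byte digest is computed elsewhere, and all function names are illustrative.

```python
import hmac

# Assumption (not in the message): WHIRLPOOL OID from ISO/IEC 10118-3.
WHIRLPOOL_OID = "1.0.10118.3.0.55"
WHIRLPOOL_LEN = 64  # bytes in a 512-bit digest

def der_tlv(tag, value):
    """DER tag-length-value with definite length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(body)]) + body + value

def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]  # base-128 groups, lowest first
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return der_tlv(0x06, bytes(out))

def digest_info(digest, oid=WHIRLPOOL_OID):
    # DigestInfo ::= SEQUENCE { AlgorithmIdentifier { OID, NULL }, OCTET STRING }
    alg = der_tlv(0x30, der_oid(oid) + der_tlv(0x05, b""))
    return der_tlv(0x30, alg + der_tlv(0x04, digest))

def emsa_pkcs1_v15(digest, em_len):
    """RFC 3447 section 9.2: 00 01 FF..FF 00 || DigestInfo."""
    if len(digest) != WHIRLPOOL_LEN:
        raise ValueError("digest is not 64 bytes")
    t = digest_info(digest)
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def encoding_matches(em, digest):
    """Verifier side: rebuild the whole block and compare, so short padding
    or bytes after the digest are rejected instead of being parsed around."""
    try:
        expected = emsa_pkcs1_v15(digest, len(em))
    except ValueError:
        return False
    return hmac.compare_digest(em, expected)
```
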
