W3C home > Mailing lists > Public > public-xmlsec@w3.org > April 2009

Additional algorithm URIs (Re: XML Security Algorithm Cross-Reference)

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 29 Apr 2009 18:50:01 +0200
To: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
Message-Id: <6A7C70FE-FD0A-4034-AD6E-B161B69E2AAD@w3.org>
Cc: Dieter Bratko <Dieter.Bratko@iaik.tugraz.at>, XMLSec WG Public List <public-xmlsec@w3.org>
So... If I get this correctly, then the things you want to have added  
are:

(a) ECDSA-RIPEMD160 -- this one was in draft-eastlake:
     http://tools.ietf.org/html/draft-eastlake-additional-xmlsec-uris-00

     Is there any reason why the text used there (see section 2.3.6)  
would be inadequate?

(b) ECDSA-WHIRLPOOL -- this one wasn't.

Is there a URI for whirlpool that would be defined elsewhere, and  
belongs in the cross-reference?  Or do we need to coin one?

Thanks,
--
Thomas Roessler, W3C  <tlr@w3.org>




On 24 Mar 2009, at 18:11, Konrad Lanz wrote:

> Draft updates ... to be merged into "XML Security Algorithm Cross- 
> Reference"
>
> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html
>
> ...
>
> 2 Namespaces
>
> ...
>
> add to dsigmore: http://www.w3.org/2007/05/xmldsig-more#
>
> ...
>
> 3.3 Elliptic Curve DSA
>
> ECDSA-RIPEMD160
> URI:
> http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160
> Specified in:
>   German BSI Technical Guideline TR-03111
> <http://www.bsi.bund.de/literat/tr/tr03111/BSI-TR-03111.pdf#page=27>
>
>   Note: #ecdsa-ripemd160 identifies a signature method processed in  
> the
> same way as specified by the #ecdsa-sha1. The signature value is  
> however
> encoded as (r || s) and not wrapped into a SEQUENCE as done by  
> X9.62. If
> the hash length is larger than the domain parameter length the hash is
> not truncated like in X9.62; rather it is reduced modulo n, the  
> order of
> the base point G.
>
>
>
> ECDSA-WHIRLPOOL
>
> URI:
> http://www.w3.org/2007/05/xmldsig-more#ecdsa-whirlpool
> Specified in:
>   German BSI Technical Guideline TR-03111
> <http://www.bsi.bund.de/literat/tr/tr03111/BSI-TR-03111.pdf#page=27>
>   cf. ecdsa-with-Specified where "Specified" is WHIRLPOOL.
>
> The #ecdsa-whirlpool fragment identifies a signature method  
> processed in the same way as specified by the
> #ecdsa-sha512 fragment with the exception that WHIRLPOOL is used  
> instead of SHA-512.
>
>   Note: The signature value is however encoded as (r || s) and not
> wrapped into a SEQUENCE as done by X9.62. If the hash length is larger
> than the domain parameter length the hash is not truncated like in
> X9.62; rather it is reduced modulo n, the order of the base point G.
>
> ...
>
> 3.2 RSA
>
> RSA-WHIRLPOOL
> URI:
> http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool
> Specified like:
>    RSA-SHA512 with the exception that WHIRLPOOL is used instead of  
> SHA-512 the PKCS#1 v1.5 padding algorithm [RFC3447] as described
> in section 2.3.1 but with the ASN.1 BER WHIRLPOOL algorithm  
> designator prefix is implied.
>
>
>
> -- 
> Konrad Lanz, IAIK/SIC - Graz University of Technology
> Inffeldgasse 16a, 8010 Graz, Austria
> Tel: +43 316 873 5547
> Fax: +43 316 873 5520
> http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/
> http://jce.iaik.tugraz.at/sic/products/xml_security/
>
> Downlaod certificate chain (including the EuroPKI root certificate):
> http://ca.iaik.tugraz.at/capso/certs.jsp
>
> <Konrad_Lanz.vcf>
Received on Wednesday, 29 April 2009 16:50:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:58 GMT