- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 31 Dec 2009 18:36:37 +0100
- To: Magnus Nystrom <mnystrom@microsoft.com>
- Cc: Thomas Roessler <tlr@w3.org>, Frederick Hirsch <frederick.hirsch@nokia.com>, XMLSec WG Public List <public-xmlsec@w3.org>
On 31 Dec 2009, at 18:20, Magnus Nystrom wrote:
> For
>
>> 2. HMACOutputLength warning
>>
>> We added in section 4.4.2
>>
>> [[Signatures must be deemed invalid if the truncation length is below
>> half the underlying hash algorithm's output length, or 80 bits,
>> whichever of these two values is greater.]]
>>
>> it seems it is invalid if (a) truncation length < half output length
>> and/or (b) < 80 bits.
>>
>> Can we remove the phrase ", whichever of these two values is greater."
>>
>> If not, what does it add beyond conditions (a) and (b)?
>
> I guess an alternative could be:
>
> "Signatures must ("MUST"?) be deemed invalid when the truncation length is less than the greater of half the underlying hash algorithm's output length or 80 bits."
>
> But that still seems a bit convoluted. Why not just
>
> "Signatures must ("MUST"?) be deemed invalid when the truncation length is less than half the underlying hash algorithm's output length.
>
> (Assuming the use of hash algorithms with output length <160 bits will go away)
While that assumption doesnt' seem unreasonable, I wouldn't want to make it *implicit*, as you seem to suggest. I suppose I'm biased in favor of the current text since I wrote it, but I wouldn't want to loose either of the two lower bounds from the spec.
Received on Thursday, 31 December 2009 17:36:42 UTC