
Re: Additional edits to XML Signature 1.1

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 31 Dec 2009 18:36:37 +0100
Cc: Thomas Roessler <tlr@w3.org>, Frederick Hirsch <frederick.hirsch@nokia.com>, XMLSec WG Public List <public-xmlsec@w3.org>
Message-Id: <E977BC8D-6D71-4561-991B-D7FBB855E9CF@w3.org>
To: Magnus Nystrom <mnystrom@microsoft.com>
On 31 Dec 2009, at 18:20, Magnus Nystrom wrote:

> For
> 
>> 2. HMACOutputLength warning
>> 
>> We added in section 4.4.2
>> 
>> [[Signatures must be deemed invalid if the truncation length is below
>> half the underlying hash algorithm's output length, or 80 bits,
>> whichever of these two values is greater.]]
>> 
>> it seems it is invalid if (a) truncation length < half output length
>> and/or (b) < 80 bits.
>> 
>> Can we remove the phrase ", whichever of these two values is greater."
>> 
>> If not, what does it add beyond conditions (a) and (b)?
> 
> I guess an alternative could be:
> 
> "Signatures must ("MUST"?) be deemed invalid when the truncation length is less than the greater of half the underlying hash algorithm's output length or 80 bits."
> 
> But that still seems a bit convoluted. Why not just
> 
> "Signatures must ("MUST"?) be deemed invalid when the truncation length is less than half the underlying hash algorithm's output length.
> 
> (Assuming the use of hash algorithms with output length <160 bits will go away)

While that assumption doesn't seem unreasonable, I wouldn't want to make it *implicit*, as you seem to suggest.  I suppose I'm biased in favor of the current text since I wrote it, but I wouldn't want to lose either of the two lower bounds from the spec.
Received on Thursday, 31 December 2009 17:36:42 GMT
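The two lower bounds under discussion, as an added example (not code from the thread, the working group or the specification): a Python check that parses a ds:SignatureMethod element carrying an HMACOutputLength child and applies the current 4.4.2 wording (greater of half the hash output and 80 bits), next to the half-output-only variant proposed in the quoted message, so the inputs on which the two wordings disagree are easy to see. The algorithm-to-output-length table and the sample fragments are constructed for this example; the algorithm URIs are the standard xmldsig and xmldsig-more identifiers.

```python
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"

# Hash output lengths (bits) for the HMAC algorithm URIs used in the sample fragments.
# Table constructed for this example; the URIs are the standard xmldsig / xmldsig-more ones.
HMAC_OUTPUT_BITS = {
    "http://www.w3.org/2000/09/xmldsig#hmac-sha1": 160,
    "http://www.w3.org/2001/04/xmldsig-more#hmac-md5": 128,
    "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256": 256,
}

def min_truncation_bits(hash_output_bits: int) -> int:
    """Lower bound as worded in the quoted 4.4.2 text: the greater of half the hash output and 80 bits."""
    return max(hash_output_bits // 2, 80)

def min_truncation_bits_half_only(hash_output_bits: int) -> int:
    """Lower bound under the proposed shorter wording, which keeps only the half-output condition."""
    return hash_output_bits // 2

def hmac_output_length_acceptable(hash_output_bits: int, truncation_bits: int) -> bool:
    """True when a signature truncated to truncation_bits must NOT be deemed invalid under the current text."""
    if truncation_bits > hash_output_bits:  # added sanity check: cannot keep more bits than the hash produces
        return False
    return truncation_bits >= min_truncation_bits(hash_output_bits)

def signature_method_acceptable(fragment: str) -> bool:
    """Parse a ds:SignatureMethod element and apply the check to its HMACOutputLength child, if any."""
    elem = ET.fromstring(fragment)
    algorithm = elem.get("Algorithm")
    if algorithm not in HMAC_OUTPUT_BITS:
        raise ValueError(f"unsupported HMAC algorithm: {algorithm}")
    full_bits = HMAC_OUTPUT_BITS[algorithm]
    length_elem = elem.find(f"{{{DS_NS}}}HMACOutputLength")
    if length_elem is None or length_elem.text is None:
        return True  # no truncation requested: the full HMAC output is used
    return hmac_output_length_acceptable(full_bits, int(length_elem.text.strip()))

def build_fragment(algorithm: str, length) -> str:
    """Build a constructed ds:SignatureMethod fragment; length=None omits HMACOutputLength."""
    child = f"<ds:HMACOutputLength>{length}</ds:HMACOutputLength>" if length is not None else ""
    return f'<ds:SignatureMethod xmlns:ds="{DS_NS}" Algorithm="{algorithm}">{child}</ds:SignatureMethod>'
```

Two inputs separate the wordings: HMAC-MD5 truncated to 64 bits passes the half-output test (64) but fails the 80-bit floor, while HMAC-SHA256 truncated to 96 bits passes the 80-bit floor but fails the half-output bound (128); only the two-part wording rejects both.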