W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

Re: ACTION-219: ECPointType

From: Thomas Roessler <tlr@w3.org>
Date: Mon, 23 Feb 2009 12:31:59 +0100
To: Magnus Nyström <magnus@rsa.com>
Message-Id: <93CEF146-6431-4E64-980D-97B7A23D2514@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, ext Brian LaMacchia <bal@exchange.microsoft.com>, XMLSec WG Public List <public-xmlsec@w3.org>
On 23 Feb 2009, at 11:15, Magnus Nyström wrote:

> I think Thomas suggestion to have a renewed look at the design is a  
> good one, but I think it would be a little strange to have the seed  
> as a child of a hash element, since the seed is not really part of  
> the hash.

> IF we are to change Brian's latest draft (but note that I'd be OK  
> with it as is), then an alternative suggestion could be something  
> like:

Looks better to me than the previous one.  I'd be happy to merge this  
into the FPWD if there are no objections.

Any comments?

> <complexType name="ECParametersType">
>      <sequence>
>        <element name="FieldID" type="dsig11:FieldIDType"/>
>        <element name="Curve" type="dsig11:CurveType"/>
>        <element name="Base" type="dsig11:ECPointType"/>
>        <element name="Order" type="ds:CryptoBinary"/>
>        <element name="CoFactor" type="integer" minOccurs="0"/>
>        <element name="ECValidationData"
>                 type="dsig11:ECValidationDataType" minOccurs="0"/>
>      </sequence>
>    </complexType>
>
> <complexType name="ECValidationDataType">
>  <sequence>
>    <element name="seed" type="ds:CryptoBinary"/>
>  </sequence>
>  <attribute name="hashAlgorithm" type="anyURI" use="required" [?] />
>  <attribute name="curveRandom" type="boolean"/>
>  <attribute name="pointRandom" type="boolean"/>
> </complexType>
>
> ... and remove the "seed" element from the curve type:
>
> <complexType name="CurveType">
>  <sequence>
>    <element name="A" type="ds:CryptoBinary"/>
>    <element name="B" type="ds:CryptoBinary"/>
>  </sequence>
> </complexType>
>
> The advantage of the above design would be that you gather all EC  
> validation data in a type of its own, and you will also be able to  
> express whether the verifiability is for the curve (curveRandom =  
> true), the point (pointRandom = true), both (both = true) or none  
> (that's when the ECValidationData element is not present at all).
Received on Monday, 23 February 2009 11:32:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT