W3C home > Mailing lists > Public > public-xmlsec@w3.org > October 2011

Re: ACTION-829: Provide additional proposal text regarding xml encryption changes for pkcs1.5

From: Cantor, Scott <cantor.2@osu.edu>
Date: Tue, 4 Oct 2011 19:11:09 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, Magnus Nystrom <mnystrom@microsoft.com>
CC: Pratik Datta <pratik.datta@oracle.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <CAB0D23F.10E4D%cantor.2@osu.edu>
On 10/4/11 2:10 PM, "Frederick.Hirsch@nokia.com"
<Frederick.Hirsch@nokia.com> wrote:
>
>I think it would eliminate a *lot* of confusion if it were not there and
>we had appropriate XML elements. Scott indicated that the XML digest
>algorithm *is* used.

Well, to be clear, it often isn't. Which is a source of interop problems
for non-SHA1 usage. My code now uses it (I shipped a patch to fix that).
The Java Santuario code does not, but MAY and I think does properly break
if it's found and isn't set to SHA-1. Other implementations may well
ignore it.

-- Scott
Received on Tuesday, 4 October 2011 19:12:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 4 October 2011 19:12:42 GMT