W3C home > Mailing lists > Public > public-xmlsec@w3.org > June 2012

GCM format question

From: Cantor, Scott <cantor.2@osu.edu>
Date: Wed, 13 Jun 2012 15:42:23 +0000
To: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <CBFE2D1C.237A2%cantor.2@osu.edu>
I'm sure there's a good reason, but what is the justification for putting
the GCM authentication tag at the end of the ciphertext instead of in an
XML attribute or something? It seems very awkward to have to specially
handle the ciphertext and split off the tag for just one algorithm. That
makes adaptation to existing APIs harder than it needs to be.

-- Scott
Received on Wednesday, 13 June 2012 15:45:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 13 June 2012 15:45:09 GMT