RE: Algorithm Granularity / Othogonality from Mark Bartel on 1999-10-15 (w3c-ietf-xmldsig@w3.org from October to December 1999)

From: Mark Bartel <mbartel@thistle.ca>
Date: Fri, 15 Oct 1999 15:01:34 -0400
To: "'w3c-ietf-xmldsig@w3.org '" <w3c-ietf-xmldsig@w3.org>
Message-ID: <91F20911A6C0D2118DF80040056D77A2032A53@arren.roke.thistle.ca>

I vote for G.1., expressing algorithm suites as one algorithm:

a) This is how most other standards seem to do it.

b) Ambiguity is possible in the case of G.2.; I believe this is the reason
for a).  In general, the technical specification for different algorithms
may express their output in different fashions.  For example, in RFC 2437
RSASSA-PKCS1-v1_5 outputs an octet string, while in FIPS 186-1 DSA outputs
two integers (r and s).  If you were specifying an algorithm that could take
RSA or DSA as a parameter, you would need to specify exactly how the output
of each is used by the encompassing algorithm.  For the G.2. method you
could always say on the encompassing algorithm definition of A that "the
algorithm parameter must be X or Y; the output of X will be encoded this
way, the output of Y will be encoded that way" but this seems to me to be
equivalent to defining A-X and A-Y.  Might as well express it that way.

c) G.2. can be accurately and easily expressed in G.1. fashion but not
vice-versa because of the ambiguity issue.

-Mark Bartel
JetForm

-----Original Message-----
From: dee3@us.ibm.com
To: w3c-ietf-xmldsig@w3.org
Sent: 10/14/99 9:41 PM
Subject: Algorithm Granularity / Othogonality

G. Algorithm Granularity
1.   Suites as one algorithm
        i.e., compound Algorithm names, like RSA-SHA1, can occur
2.   Orthogonal specification
        i.e., simple Algorithm names but Algorithms occur as
        Parameters to other Algorithms

NOTE: As long as we permit user defined algorithms, there is no
way to stop someone from using G.1 and as long as we allow
parameters, there is not way to stop someone from using G.2
although you can make G.2 a bit less convenient, depending on
your parameter syntax.  So the question is really just for the
algorithms we specify in the WG documents.

There are arguments on both sides.  This is a religious issue.
I have my own opinions but we will go with the WG consensus.


Donald E. Eastlake, 3rd
17 Skyline Drive, Hawthorne, NY 10532 USA
dee3@us.ibm.com   tel: 1-914-784-7913, fax: 1-914-784-3833

home: 65 Shindegan Hill Road, RR#1, Carmel, NY 10512 USA
dee3@torque.pothole.com   tel: 1-914-276-2668

Received on Friday, 15 October 1999 15:01:38 UTC