W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: XMLDSIG RSA signatures

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 29 Aug 2000 13:07:55 -0400
Message-Id: <3.0.5.32.20000829130755.02b3f4b0@localhost>
To: merlin <merlin@baltimore.ie>
Cc: Philip Hallam-Baker <pbaker@verisign.com>, "'Barb Fox'" <bfox@Exchange.Microsoft.com>, Gregor Karlinger <gregor.karlinger@iaik.at>, w3c-ietf-xmldsig@w3.org
At 17:31 8/29/2000 +0100, merlin wrote:
 >
 >Algorithm URIs can and should be used to solve the versioning problem.
 >Deriving meaning from an OID would make XMLDSIG _really_ dependent upon
 >an ASN.1 parser. Requiring that a crypto toolkit can process the OID
 >within a signature is only to be expected, and is an orthogonal issue.
 >
 >Merlin

And we control what [1] means, consequently does anyone oppose Merlin's
first option [2]?

[1] http://www.w3.org/2000/07/xmldsig#rsa-sha1 
[2] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0375.html
1) The signature may be either an encrypted ASN.1 blob (PKCS#1)
or an encrypted raw digest (like W?TLS)
  

_________________________________________________________
Joseph Reagle Jr.   
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Tuesday, 29 August 2000 13:08:47 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT