Re: XMLDSIG RSA signatures

Hi,

I oppose it. If I'm using hardware then I'll have to do two
verifies; one against the raw digest, the other against the
ASN.1 blob. And the ? security issues. I want no choice,
probably just a crypted ASN.1 blob.

Merlin

r/reagle@w3.org/2000.08.29/13:07:55
>And we control what [1] means, consequently does anyone oppose Merlin's
>first option [2]?
>
> [...]
>
>1) The signature may be either an encrypted ASN.1 blob (PKCS#1)
>or an encrypted raw digest (like W?TLS)

Received on Tuesday, 29 August 2000 13:49:23 UTC