W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: XMLDSIG RSA signatures

From: merlin <merlin@baltimore.ie>
Date: Tue, 29 Aug 2000 18:48:46 +0100
Message-Id: <200008291748.SAA02799@cougar.baltimore.ie>
To: "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: w3c-ietf-xmldsig@w3.org

Hi,

I oppose it. If I'm using hardware then I'll have to do two
verifies; one against the raw digest, the other against the
ASN.1 blob. And the ? security issues. I want no choice,
probably just a crypted ASN.1 blob.

Merlin

r/reagle@w3.org/2000.08.29/13:07:55
>And we control what [1] means, consequently does anyone oppose Merlin's
>first option [2]?
>
> [...]
>
>1) The signature may be either an encrypted ASN.1 blob (PKCS#1)
>or an encrypted raw digest (like W?TLS)
Received on Tuesday, 29 August 2000 13:49:23 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT