W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: XMLDSIG RSA signatures

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 29 Aug 2000 15:28:42 -0400
Message-Id: <3.0.5.32.20000829152842.02b3c848@localhost>
To: merlin <merlin@baltimore.ie>
Cc: w3c-ietf-xmldsig@w3.org
At 18:48 8/29/2000 +0100, merlin wrote:
 >I oppose it. If I'm using hardware then I'll have to do two
 >verifies; one against the raw digest, the other against the
 >ASN.1 blob. And the ? security issues. I want no choice,
 >probably just a crypted ASN.1 blob.

Oops, yes, sorry I didn't mean to represent you advocated that. For some
reason I have trouble with formers and latters -- with left and right there
is fortunately fork and knife <grin> -- which affected my excerpting.

__

1) The signature may be either an encrypted ASN.1 blob (PKCS#1)
or an encrypted raw digest (like W?TLS)
  or
2) The signature is always an encrypted ASN.1 blob (PKCS#1) but
it may be wrapped/prepended/... by an ASN.1 OID.

_________________________________________________________
Joseph Reagle Jr.   
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Tuesday, 29 August 2000 15:28:46 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT