Hi Joseph, > And we control what [1] means, consequently does anyone oppose Merlin's > first option [2]? Yes, I strongly oppose Merlin's first option: * We cite RSASSA-PKCS1-v1_5 as normative reference, and encrypting the raw digest instead of the ASN.1 structure is not an option there. * As Phil stated in [1], the OID for the digest algorithm has been added to prevent a chosen digest attack. * To allow this option only because WTLS does it, is not a really good reason --- [1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0377.html Regards, Gregor --------------------------------------------------------------- Gregor Karlinger mailto://gregor.karlinger@iaik.at http://www.iaik.at Phone +43 316 873 5541 Institute for Applied Information Processing and Communications Austria ---------------------------------------------------------------
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT