
AW: XMLDSIG RSA signatures

From: Gregor Karlinger <gregor.karlinger@iaik.at>
Date: Wed, 30 Aug 2000 08:38:02 +0200
To: "Joseph M. Reagle Jr." <reagle@w3.org>, "merlin" <merlin@baltimore.ie>
Cc: "Philip Hallam-Baker" <pbaker@verisign.com>, "'Barb Fox'" <bfox@Exchange.Microsoft.com>, "Gregor Karlinger" <gregor.karlinger@iaik.at>, <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBIMACDKCOPBLEJCCDAEDCCKAA.gregor.karlinger@iaik.at>

Hi Joseph,

> And we control what [1] means, consequently does anyone oppose Merlin's
> first option [2]?

Yes, I strongly oppose Merlin's first option:

* We cite RSASSA-PKCS1-v1_5 as normative reference, and encrypting the
  raw digest instead of the ASN.1 structure is not an option there.

* As Phil stated in [1], the OID for the digest algorithm has been added
  to prevent a chosen digest attack.

* To allow this option only because WTLS does it, is not a really good


Regards, Gregor
Gregor Karlinger
Phone +43 316 873 5541
Institute for Applied Information Processing and Communications

Received on Wednesday, 30 August 2000 02:38:23 UTC
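
Added example, not part of the original message or of any XMLDSIG implementation: a Python sketch of the block that RSASSA-PKCS1-v1_5 signs (padding plus DER DigestInfo carrying the digest OID) next to the raw-digest variant discussed in the thread, with a re-encode-and-compare check on the verifier side. The function names, the 128-byte block length and the sample message are assumptions made for illustration; the RSA operation itself is omitted.

```python
import hashlib
import hmac

# DER DigestInfo prefixes (AlgorithmIdentifier with the hash OID), as listed
# in PKCS #1 v2.2 / RFC 8017, section 9.2.
DIGEST_INFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

def _pad(t: bytes, em_len: int) -> bytes:
    # EM = 0x00 || 0x01 || PS (at least eight 0xff bytes) || 0x00 || T
    if em_len < len(t) + 11:
        raise ValueError("encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def emsa_pkcs1_v1_5(message: bytes, hash_name: str, em_len: int) -> bytes:
    """Block that RSASSA-PKCS1-v1_5 signs: T is the DER DigestInfo."""
    digest = hashlib.new(hash_name, message).digest()
    return _pad(DIGEST_INFO_PREFIX[hash_name] + digest, em_len)

def raw_digest_block(message: bytes, hash_name: str, em_len: int) -> bytes:
    """The variant objected to above: T is the bare digest, no OID."""
    return _pad(hashlib.new(hash_name, message).digest(), em_len)

def declared_hash(em: bytes):
    """Name of the hash the block itself identifies, or None (illustration only)."""
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x01" or sep < 10 or set(em[2:sep]) != {0xFF}:
        return None
    t = em[sep + 1:]
    for name, prefix in DIGEST_INFO_PREFIX.items():
        if t.startswith(prefix) and len(t) == len(prefix) + hashlib.new(name).digest_size:
            return name
    return None

def verify_encoding(em: bytes, message: bytes, hash_name: str) -> bool:
    """Verifier side after the RSA public-key operation: re-encode and compare."""
    try:
        expected = emsa_pkcs1_v1_5(message, hash_name, len(em))
    except ValueError:
        return False
    return hmac.compare_digest(em, expected)

if __name__ == "__main__":
    msg = b"constructed sample SignedInfo bytes"  # constructed input
    good, raw = emsa_pkcs1_v1_5(msg, "sha1", 128), raw_digest_block(msg, "sha1", 128)
    print(declared_hash(good), verify_encoding(good, msg, "sha1"))
    print(declared_hash(raw), verify_encoding(raw, msg, "sha1"))
```

The raw-digest block names no algorithm, so the verifier has nothing inside the signed data to bind the digest to; the DigestInfo block is accepted only under the hash whose OID it carries.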
