W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: Using DOMHASH with XML DSig

From: Juergen Brauckmann <brauckmann@trustcenter.de>
Date: Mon, 04 Sep 2000 09:34:28 +0200
Message-Id: <3.0.5.32.20000904093428.00cb6320@localhost>
To: w3c-ietf-xmldsig@w3.org
At 14:33 04.09.00 +0900, TAMURA Kent wrote:
>
>In message "Using DOMHASH with XML DSig"
>    on 00/09/01, Ambarish Malpani <ambarish@valicert.com> writes:
>> - Are other groups trying to use DOMHASH with XML DSig

We (TC TustCenter) were considering it. We decided not to use it for now
mainly for interoperability reasons. It seems to us that XML
implementations must know some sort of C14N anyway, and that it's not so
likely that others have DOMHASH implemented. In addition it is not clear to
us what reference should be used to mark DOMHASH
(http://www.rfc-editor.org/rfc/rfc2803.txt?) so that other implementations
recognize it... .

>> - Are there strong feelings in this group about the advisability of
>> 	doing so?

I'm interested in this too. 

>Canonicalization and digesting are not able to be separated in
>DOMHASH.  If you use DOMHASH as a Canonicalization method or a
>Transform, digest calculation is done twice.  

Would it be possible to use it as a DigestMethod in a Reference? I would
assume yes.

>I guess DOMHASH is
>slower than W3C C14n.

I would be surprised if not, since processing of each Node requires at
least converting the node name to UTF-16BE, and for Element nodes you need
to sort all children by name and separately hash all sub nodes... . 

Regards,
   Juergen.
Received on Monday, 4 September 2000 03:34:34 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT