Two questions: 1) Why did you choose to use URLs that were not of the form "http://www.w3.org/2000/09/xmldsig#<something>", where the something is sha256, sha284, etc. Ideally these should probably be NIST-defined identifiers, and failing that I would have expected them to follow the XMLDSIG naming scheme. 2) Why did you add the truncation options to SHA-384 and SHA-512? I can't really see a point in this; if you want a shorter hash output then just use a shorter hash function. DO you have a particular scenario in mind that would likely want to use a subset of a SHA-384 or SHA-512 hash? --bal -----Original Message----- From: Donald E. Eastlake 3rd [mailto:dee3@torque.pothole.com] Sent: Monday, April 16, 2001 8:59 PM To: w3c-ietf-xmldsig@w3.org Cc: lde008@dms.isg.mot.com Subject: additional XMLDSIG URIs My first partial draft of additional XMLDSIG URIs is at <ftp://ftp.pothole.com/pub/dee3/draft-eastlake-xmldsig-uri-00.txt> Donald ===================================================================== Donald E. Eastlake 3rd dee3@torque.pothole.com 155 Beaver Street +1 508-634-2066(h) Milford, MA 01757 USA +1 508-261-5434(w)Received on Tuesday, 17 April 2001 17:43:35 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:13 GMT