- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Thu, 12 Jul 2001 10:13:59 +0200
- To: Donald Eastlake <lde008@dma.isg.mot.com>, w3c-ietf-xmldsig@w3.org
Dear Donald, --On Mittwoch, 11. Juli 2001 11:28 -0400 Donald Eastlake <lde008@dma.isg.mot.com> wrote: > Regardless of how things come out with what we recommend > for base64, I suggest the addition of some material in > 3.2 Core Validation as show in the attachment. To 3.2.2 the last point of the notes was: <cite> Different implementations may produce different [...]. That is because they may encode the relevant DigestValue in the Reference to the data with different white space or the like. </cite> I think the produce different SignatureValues because the signature algorithm uses some random value (time varian parameter) during signature generation which is used to protect against some attacks. This is the reason why you can supply some SecureRandom (in JAVA) to a Signature generation. ... I would add "That is because ... white space or because of algorithm behaviour." Christian -------------------------------------------------------------------------- Institute for Data Communications Systems University of Siegen Hoelderlinstrasse 3 D-57068 Siegen Germany mail: mailto:geuer-pollmann@nue.et-inf.uni-siegen.de web: <http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/>
Received on Thursday, 12 July 2001 04:10:14 UTC