W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2001

Re: MAC and HMAC

From: Dave Roberts <dave.roberts@saaconsultants.com>
Date: Thu, 18 Oct 2001 17:44:40 +0100 (BST)
To: Joseph Reagle <reagle@w3.org>
cc: Naveen Kumar Konduru <konduru27@yahoo.com>, dsig <w3c-ietf-xmldsig@w3.org>
Message-ID: <Pine.A32.3.96.1011018173457.7398A-100000@olympus.saa-cons.co.uk>
On Fri, 12 Oct 2001, Joseph Reagle wrote:

> HMAC-SHA1 is actually to be used as the SignatureAlgorithm (though security 
> concerns prompts us to distinguish between "Signature" and "MAC" in the 
> algorithm characterizations.) Consequently, the key would be identified in 
> KeyInfo.

May I ask what type of KeyInfo would you use?

In addition, section 6.3.1 states that the output length of the HMAC
algorithm can be truncated.  However RFC 2104 makes no mention of
truncation (that I could see).  So I was wondered what exactly is


- Dave.
Received on Thursday, 18 October 2001 12:46:07 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC