- From: Dave Roberts <dave.roberts@saaconsultants.com>
- Date: Thu, 18 Oct 2001 17:44:40 +0100 (BST)
- To: Joseph Reagle <reagle@w3.org>
- cc: Naveen Kumar Konduru <konduru27@yahoo.com>, dsig <w3c-ietf-xmldsig@w3.org>
On Fri, 12 Oct 2001, Joseph Reagle wrote: > HMAC-SHA1 is actually to be used as the SignatureAlgorithm (though security > concerns prompts us to distinguish between "Signature" and "MAC" in the > algorithm characterizations.) Consequently, the key would be identified in > KeyInfo. May I ask what type of KeyInfo would you use? In addition, section 6.3.1 states that the output length of the HMAC algorithm can be truncated. However RFC 2104 makes no mention of truncation (that I could see). So I was wondered what exactly is truncated. TIA - Dave.
Received on Thursday, 18 October 2001 12:46:07 UTC