W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2002

Exclusive C14n in Apache

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Thu, 23 May 2002 23:13:48 +0200
To: jboyer@PureEdge.com, reagle@w3.org
cc: w3c-ietf-xmldsig@w3.org
Message-ID: <52532858.1022195628@crypto>
Hi John,
hi Joseph,

I implemented exclusive c14n for the Apache package. On my implementation, 
exclusive c14n is SLOWER than inclusive c14n:

   Factor between 1.3 and 1.6

I can verify the signature from merlin-iaikTests-two.tar.gz but one 
reference (the first one fails). This means that I can do reference 
validation on all things which use exclusive c14n. The first reference uses 
conventional (inclusive) c14n.

I re-created the same signature Merlin did on the four IAIK files. This 
signature is attached. HMAC, secret key is the six octets from "secret".


Regards,
Christian

Received on Thursday, 23 May 2002 17:08:31 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:15 GMT