W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2003

Re: QUESTION ABOUT PKCS#7 AND XMLDSIG

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Mon, 24 Feb 2003 13:15:24 +0100
To: DEMERJIAN <demerjia@enst.fr>, w3c-ietf-xmldsig@w3.org
Cc: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Message-ID: <19856992.1046092524@pinkpanther>

Hi Jacques,

from what I see, the document you cite is from July 1997. I don't know what 
Mr. Kaliski and Mr. Kingdon want to express by saying "basis".

(1) XML Signature relies on X.509 certificates for representing --well-- 
X.509 certificates.

(2) It does *not* use PKCS#7 as message syntax format.

(3) If you look at <http://www.w3.org/TR/xmldsig-core/#ref-PKCS1>, it cites 
PKCS#1 as XML Signature uses RSA, but that's all.

Kind regards,
Christian

--On Montag, 24. Februar 2003 11:28 +0100 DEMERJIAN <demerjia@enst.fr> 
wrote:

> In the [Extensions and Revisions to PKCS #7 - Burton S. Kaliski Jr.,
> Ph.D. and Kevin W. Kingdon 1 - An RSA Laboratories Technical Note - May
> 13, 1997 - http://security.ece.orst.edu/koc/ece575/rsalabs/bulletn6.pdf ]
> thay said that :
>
> { PKCS#7 has become the basis of S/MIME, SET, ....also PKCS#7 become a
> basis for message security in systems as diverse as the W3C Digital
> Signature Initiative, ...}.
>
> My question is : What they mean about basis  .
>
> Does xmlDSIG use pkcs#7? or xmlDSIG uses the same method (or logic) as
> that of pkcs#7?  What is the relation between pkcs#7 and XMLDSIG?
>
> Thanks
>
> jacques
Received on Monday, 24 February 2003 07:14:14 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT