
RE: Early Draft Algorithms Section (also: renaming HashOfRandomized)

From: Amir Herzberg <AMIR@newgenpay.com>
Date: Tue, 15 May 2001 10:14:35 +0300
Message-ID: <078EE8822DCFD411AAA1000629D56ADC0B7B8E@IMP01>
To: "'Joseph Ashwood'" <jashwood@arcot.com>, Donald Eastlake 3rd <Donald.Eastlake@motorola.com>, xml-encryption@w3.org

Joe Ashwood said, among many other things:

> By specifying things in this way (e.g. 3DES with SHA-1) we immediately build
> an exponential increase in the parsing design as more authenticity and
> encryption algorithms are added. It would be much better to specify the two
> separately, resulting in linear growth. The combinations are not very well
> matched, ...

I agree. I think it is better to avoid defining encryption-with-digest.
Define only plain encryption. If people also want integrity, they should use
the HashOfRandomized tag (assuming you all agree to it...).

BTW, I'm all for renaming this tag. I now think my original choice
(HashOfRandomized) is a particularly poor choice. I now propose to replace
it simply by reusing the existing <DigestValue> and <DigestMethod> tags, to
be placed within <CipherText>. 

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc.  

See demo and lectures/overviews/tutorials on crypto-security for mobile,
e-commerce, etc. in http://www.newgenpay.com/mpay/course/course.html

 
Received on Tuesday, 15 May 2001 03:11:04 GMT
