- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Thu, 19 Mar 2009 08:58:25 -0400
- To: "ext Hillebrand, Rainer" <Rainer.Hillebrand@t-mobile.net>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, "Barstow Art (Nokia-CIC/Boston)" <Art.Barstow@nokia.com>, public-webapps <public-webapps@w3.org>
Please take a look at the FPWD of XML Signature 1.1 which describes the use of Elliptic Curve algorithms in the context of XML Signature: http://www.w3.org/TR/2009/WD-xmldsig-core1-20090226/ Ideally widgets signature should just reference XML Signature 1.1 algorithms. I also note that the XML Security WG continues to refine XML Signature 1.1 and is looking for feedback. Thanks regards, Frederick Frederick Hirsch Nokia On Mar 19, 2009, at 6:17 AM, ext Hillebrand, Rainer wrote: > Dear Art, > > May I give feedback on an old action item regarding the preference > for ECDSA vs. DSA. I hope that T-Mobile's position statement is not > too late. > > T-Mobile favors ECDSA. DSA has no advantage regarding speed and > memory consumption against the classic RSA. ECDSA improves the > security level. > > Please note that ECDSA supports prime field cases and binary field > cases. Especially the binary field cases are covered by patents. > > Due to the fact that different parameters for the elliptic curves > can be used or are standardized, these parameters are relevant too. > The NIST recommends fifteen elliptic curves (five prime curves and > ten binary curves, see also http://en.wikipedia.org/wiki/Elliptic_curve_cryptography) > . The so-called Brainpool curves are preferred in Germany (see also http://www.ietf.org/internet-drafts/draft-lochter-pkix-brainpool-ecc-03.txt) > . > > Best Regards, > > Rainer > > ************************************* > T-Mobile International > Terminal Technology > Rainer Hillebrand > Head of Terminal Security > Landgrabenweg 151, D-53227 Bonn > Germany > > +49 171 5211056 (My T-Mobile) > +49 228 936 13916 (Tel.) > +49 228 936 18406 (Fax) > E-Mail: rainer.hillebrand@t-mobile.net > > http://www.t-mobile.net > > This e-mail and any attachment are confidential and may be > privileged. If you are not the intended recipient, notify the sender > immediately, destroy all copies from your system and do not disclose > or use the information for any purpose. > > Diese E-Mail inklusive aller Anhänge ist vertraulich und könnte > bevorrechtigtem Schutz unterliegen. Wenn Sie nicht der beabsichtigte > Adressat sind, informieren Sie bitte den Absender unverzüglich, > löschen Sie alle Kopien von Ihrem System und veröffentlichen Sie > oder nutzen Sie die Information keinesfalls, gleich zu welchem Zweck. > > > T-Mobile International AG > Aufsichtsrat/ Supervisory Board: René Obermann (Vorsitzender/ > Chairman) > Vorstand/ Board of Management: Hamid Akhavan (Vorsitzender/ > Chairman), Michael Günther, Lothar A. Harings, Katharina Hollender > Handelsregister/Commercial Register Entry: Amtsgericht Bonn, HRB 12276 > Steuer-Nr./Tax No.: 205 / 5777/ 0518 > USt.-ID./VAT Reg.No.: DE189669124 > Sitz der Gesellschaft/ Corporate Headquarters: Bonn >
Received on Thursday, 19 March 2009 12:59:51 UTC