- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 29 Apr 2009 18:50:01 +0200
- To: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
- Cc: Dieter Bratko <Dieter.Bratko@iaik.tugraz.at>, XMLSec WG Public List <public-xmlsec@w3.org>
So... If I get this correctly, then the things you want to have added are: (a) ECDSA-RIPEMD160 -- this one was in draft-eastlake: http://tools.ietf.org/html/draft-eastlake-additional-xmlsec-uris-00 Is there any reason why the text used there (see section 2.3.6) would be inadequate? (b) ECDSA-WHIRLPOOL -- this one wasn't. Is there a URI for whirlpool that would be defined elsewhere, and belongs in the cross-reference? Or do we need to coin one? Thanks, -- Thomas Roessler, W3C <tlr@w3.org> On 24 Mar 2009, at 18:11, Konrad Lanz wrote: > Draft updates ... to be merged into "XML Security Algorithm Cross- > Reference" > > http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html > > ... > > 2 Namespaces > > ... > > add to dsigmore: http://www.w3.org/2007/05/xmldsig-more# > > ... > > 3.3 Elliptic Curve DSA > > ECDSA-RIPEMD160 > URI: > http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160 > Specified in: > German BSI Technical Guideline TR-03111 > <http://www.bsi.bund.de/literat/tr/tr03111/BSI-TR-03111.pdf#page=27> > > Note: #ecdsa-ripemd160 identifies a signature method processed in > the > same way as specified by the #ecdsa-sha1. The signature value is > however > encoded as (r || s) and not wrapped into a SEQUENCE as done by > X9.62. If > the hash length is larger than the domain parameter length the hash is > not truncated like in X9.62; rather it is reduced modulo n, the > order of > the base point G. > > > > ECDSA-WHIRLPOOL > > URI: > http://www.w3.org/2007/05/xmldsig-more#ecdsa-whirlpool > Specified in: > German BSI Technical Guideline TR-03111 > <http://www.bsi.bund.de/literat/tr/tr03111/BSI-TR-03111.pdf#page=27> > cf. ecdsa-with-Specified where "Specified" is WHIRLPOOL. > > The #ecdsa-whirlpool fragment identifies a signature method > processed in the same way as specified by the > #ecdsa-sha512 fragment with the exception that WHIRLPOOL is used > instead of SHA-512. > > Note: The signature value is however encoded as (r || s) and not > wrapped into a SEQUENCE as done by X9.62. If the hash length is larger > than the domain parameter length the hash is not truncated like in > X9.62; rather it is reduced modulo n, the order of the base point G. > > ... > > 3.2 RSA > > RSA-WHIRLPOOL > URI: > http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool > Specified like: > RSA-SHA512 with the exception that WHIRLPOOL is used instead of > SHA-512 the PKCS#1 v1.5 padding algorithm [RFC3447] as described > in section 2.3.1 but with the ASN.1 BER WHIRLPOOL algorithm > designator prefix is implied. > > > > -- > Konrad Lanz, IAIK/SIC - Graz University of Technology > Inffeldgasse 16a, 8010 Graz, Austria > Tel: +43 316 873 5547 > Fax: +43 316 873 5520 > http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/ > http://jce.iaik.tugraz.at/sic/products/xml_security/ > > Downlaod certificate chain (including the EuroPKI root certificate): > http://ca.iaik.tugraz.at/capso/certs.jsp > > <Konrad_Lanz.vcf>
Received on Wednesday, 29 April 2009 16:50:20 UTC