- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 6 May 2009 19:18:24 +0200
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Konrad Lanz <konrad.lanz@iaik.tugraz.at>
Received on Wednesday, 6 May 2009 17:18:37 UTC
To put this into the public record... I asked some security folks at the IETF; their comment was that there is no known security difference between the two variants, which is useful to confirm. For the ECDSA algorithms that we define so far, we actually *don't* use the ASN.1 sequence, in other words, we're going for the "plain" alternative anyway. That, to me, suggests that we only coin identifiers for the "plain" variants of ECDSA-RIPEMD160 (and - whirlpool), and dont bother with the non-plain ones. http://www.w3.org/TR/xmldsig-core1/#sec-ECDSA Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Wednesday, 6 May 2009 17:18:37 UTC