- From: Cantor, Scott <cantor.2@osu.edu>
- Date: Wed, 13 Jun 2012 15:42:23 +0000
- To: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
I'm sure there's a good reason, but what is the justification for putting the GCM authentication tag at the end of the ciphertext instead of in an XML attribute or something? It seems very awkward to have to specially handle the ciphertext and split off the tag for just one algorithm. That makes adaptation to existing APIs harder than it needs to be. -- Scott
Received on Wednesday, 13 June 2012 15:45:08 UTC