W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

Re: AW: syntax and processing draft - update

From: <tgindin@us.ibm.com>
Date: Tue, 31 Aug 1999 10:42:11 -0400
To: "Peter Lipp" <Peter.Lipp@iaik.at>
cc: "Solo, David" <david.solo@citicorp.com>, "'w3c-ietf-xmldsig'" <w3c-ietf-xmldsig@w3.org>
Message-ID: <852567DE.0050DFF6.00@D51MTA05.pok.ibm.com>

"Peter Lipp" <Peter.Lipp@iaik.at> on 08/30/99 06:41:43 AM

To:   "Solo, David" <david.solo@citicorp.com>, "'w3c-ietf-xmldsig'"
Subject:  AW: syntax and processing draft - update

Generally, I like the proposal.

Just some minor remarks:

a) why is the objecttype "hidden" in objectlocation?
     I don't have a strong opinion here but it would seem cleaner
     to have it as a sepearate element of signedobjectdata. Even
     Digestalg and value are sepearated...... however
b) Wouldn't it be better to put digestalg and value into one element? What
if we want
     to allow more than one digest for multiple signature algorithms?
     I would like to allow more than one digest (using different algs)
     in a signature to protect against broken digest algs without the
     need to have separate signatures.

[Tom Gindin]   How about the "composite hash algorithm" idea?  There should
shortly be some published OID's for such combinations as SHA-1 followed by MD2,
and some could be added to mix RIPE-MD with either SHA-1 or one of the MD's.
Breaking one of those digest algorithms just reduces the digest strength to that
of the other digest algorithm(s), and finding collisions in one (which seems to
be the most common kind of break) has little effect unless you can find
coincident collisions in the other.  For longer signature keys, you can even
have three hashes, although there might be some reason not to extend the
aggregate hash length beyond half the key length.

Have a nice F2F!

Received on Tuesday, 31 August 1999 10:44:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:09:56 UTC