RE: XMLDSIG RSA signatures

The reason that I added this as a MAY is because many toolkits
automatically pre-pend that OID in an RSA signature. 

--Barb

-----Original Message-----
From: Gregor Karlinger [mailto:gregor.karlinger@iaik.at]
Sent: Tuesday, August 29, 2000 7:02 AM
To: merlin; w3c-ietf-xmldsig@w3.org
Subject: AW: XMLDSIG RSA signatures


Hi all,

I agree with Merlin, providing the option to wrap the RSA signature
octets
into
a ASN.1 structure, however it looks like

  * has no benefits ,
  * adds options which result in a more complicated verification
process,
  * is confusing (I had to read the text in 6.4.2 some times to get it).

Therefore I also vote to kick this option out.

Regards, Gregor
---------------------------------------------------------------
Gregor Karlinger
mailto://gregor.karlinger@iaik.at
http://www.iaik.at
Phone +43 316 873 5541
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------


> Hi,
>
> In 6.4.2, regarding RSA signatures, the following wording exists:
>
>   A signature MAY contain a pre-pended algorithm object identifier,
>   but the availability of an ASN.1 parser and recognition of OIDs is
>   not required of a signature verifier.
>
> Does this mean that a signature may be (before base 64 encoding):
>
>   SEQUENCE { SEQUENCE { OID . NULL } . BIT_STRING { SIGNATURE_VALUE }
}
> or:
>   SEQUENCE { OID . NULL } . BIT_STRING { SIGNATURE_VALUE }
> or:
>   SEQUENCE { OID . NULL } . SIGNATURE_VALUE
> or:
>   OID . SIGNATURE_VALUE
>
> Or, is it suggesting that the OID _within_ the RSA signature
> (before crypting) is optional?
>
> Regardless, I think it adds options and thus confusion and thus
> deserves, perhaps, to be eliminated..
>
> merlin
>
>
>