- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 29 Aug 2000 13:07:55 -0400
- To: merlin <merlin@baltimore.ie>
- Cc: Philip Hallam-Baker <pbaker@verisign.com>, "'Barb Fox'" <bfox@Exchange.Microsoft.com>, Gregor Karlinger <gregor.karlinger@iaik.at>, w3c-ietf-xmldsig@w3.org
At 17:31 8/29/2000 +0100, merlin wrote: > >Algorithm URIs can and should be used to solve the versioning problem. >Deriving meaning from an OID would make XMLDSIG _really_ dependent upon >an ASN.1 parser. Requiring that a crypto toolkit can process the OID >within a signature is only to be expected, and is an orthogonal issue. > >Merlin And we control what [1] means, consequently does anyone oppose Merlin's first option [2]? [1] http://www.w3.org/2000/07/xmldsig#rsa-sha1 [2] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0375.html 1) The signature may be either an encrypted ASN.1 blob (PKCS#1) or an encrypted raw digest (like W?TLS) _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Tuesday, 29 August 2000 13:08:47 UTC