Re: XMLDSIG RSA signatures from merlin on 2000-08-29 (w3c-ietf-xmldsig@w3.org from July to September 2000)

From: merlin <merlin@baltimore.ie>
Date: Tue, 29 Aug 2000 18:48:46 +0100
To: "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: w3c-ietf-xmldsig@w3.org
Message-Id: <200008291748.SAA02799@cougar.baltimore.ie>

Hi,

I oppose it. If I'm using hardware then I'll have to do two
verifies; one against the raw digest, the other against the
ASN.1 blob. And the ? security issues. I want no choice,
probably just a crypted ASN.1 blob.

Merlin

r/reagle@w3.org/2000.08.29/13:07:55
>And we control what [1] means, consequently does anyone oppose Merlin's
>first option [2]?
>
> [...]
>
>1) The signature may be either an encrypted ASN.1 blob (PKCS#1)
>or an encrypted raw digest (like W?TLS)

Received on Tuesday, 29 August 2000 13:49:23 UTC