- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 29 Aug 2000 15:28:42 -0400
- To: merlin <merlin@baltimore.ie>
- Cc: w3c-ietf-xmldsig@w3.org
At 18:48 8/29/2000 +0100, merlin wrote: >I oppose it. If I'm using hardware then I'll have to do two >verifies; one against the raw digest, the other against the >ASN.1 blob. And the ? security issues. I want no choice, >probably just a crypted ASN.1 blob. Oops, yes, sorry I didn't mean to represent you advocated that. For some reason I have trouble with formers and latters -- with left and right there is fortunately fork and knife <grin> -- which affected my excerpting. __ 1) The signature may be either an encrypted ASN.1 blob (PKCS#1) or an encrypted raw digest (like W?TLS) or 2) The signature is always an encrypted ASN.1 blob (PKCS#1) but it may be wrapped/prepended/... by an ASN.1 OID. _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Tuesday, 29 August 2000 15:28:46 UTC