- From: Brian LaMacchia <bal@microsoft.com>
- Date: Tue, 17 Apr 2001 14:11:39 -0700
- To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, <w3c-ietf-xmldsig@w3.org>
- Cc: <lde008@dms.isg.mot.com>
Two questions: 1) Why did you choose to use URLs that were not of the form "http://www.w3.org/2000/09/xmldsig#<something>", where the something is sha256, sha284, etc. Ideally these should probably be NIST-defined identifiers, and failing that I would have expected them to follow the XMLDSIG naming scheme. 2) Why did you add the truncation options to SHA-384 and SHA-512? I can't really see a point in this; if you want a shorter hash output then just use a shorter hash function. DO you have a particular scenario in mind that would likely want to use a subset of a SHA-384 or SHA-512 hash? --bal -----Original Message----- From: Donald E. Eastlake 3rd [mailto:dee3@torque.pothole.com] Sent: Monday, April 16, 2001 8:59 PM To: w3c-ietf-xmldsig@w3.org Cc: lde008@dms.isg.mot.com Subject: additional XMLDSIG URIs My first partial draft of additional XMLDSIG URIs is at <ftp://ftp.pothole.com/pub/dee3/draft-eastlake-xmldsig-uri-00.txt> Donald ===================================================================== Donald E. Eastlake 3rd dee3@torque.pothole.com 155 Beaver Street +1 508-634-2066(h) Milford, MA 01757 USA +1 508-261-5434(w)
Received on Tuesday, 17 April 2001 17:43:35 UTC