- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 27 Mar 2001 14:50:24 -0500
- To: "Brian LaMacchia" <bal@microsoft.com>
- Cc: <w3c-ietf-xmldsig@w3.org>
At 19:28 3/26/2001 -0800, Brian LaMacchia wrote:
>CryptoBinary and base64Binary are not exactly equivalent -- there are
>further restrictions on a CryptoBinary because it is a representation of
>a single bignum. From the latest DSIG draft, section 6.4, is this
>implicit definition of the CryptoBinary format
Ok, as we discussed, this bignum encoding rule we created for RSA and DSA
KeyValues should probably apply to all the CryptoBinary types. So I've moved
the text in section 6.4 and associate it with the CryptoBinary type [1]. The
question then is there any definitions relying upon ds:CryptoBinary (i.e.,
SignatureValue, DigestValue, X509SKI, X509Certificate, X509CRL,
PGPKeyPacket) that should be of xsd:base64Binary (or any other variant)?
__
[1]
http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html#sec-CryptoBinary
4.0.1 The CryptoBinary Simple Type
This specification defines the CryptoBinary simple type for representing
arbitrary-length integers (e.g. "bignums") in XML as octet strings. The
integer value is first converted to a "big endian" bitstring. The bitstring
is then padded with leading zero bits so that the total number of bits == 0
mod 8 (so that there are an integral number of octets). If the bitstring
contains entire leading octets that are zero, these are removed (so the
high-order octet is always non-zero). This octet string is then base64
[MIME] encoded. (The conversion from integer to octet string is equivalent
to IEEE 1363's I2OSP [1363] with minimal length).
Schema Definition:
<simpleType name="CryptoBinary">
<restriction base="base64Binary">
</restriction>
</simpleType>
__
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Tuesday, 27 March 2001 14:50:27 UTC