Re: CryptoBinary and base64Binary clarification from Joseph Reagle on 2001-10-13 (w3c-ietf-xmldsig@w3.org from October to December 2001)

From: Joseph Reagle <reagle@w3.org>
Date: Fri, 12 Oct 2001 20:19:26 -0400
To: <hirsch@zolera.com>, <w3c-ietf-xmldsig@w3.org>
Message-Id: <20011013001927.6457987355@policy.w3.org>

On Wednesday 10 October 2001 10:21, Frederick Hirsch wrote:
> As I understand it, CryptoBinary was originally defined before
> base64BInary was added to schema. 

Correct.

> CryptoBinary was defined to include
> stripping of leading 0 octets - providing a form of compression. When
> base64Binary was added to schema, it was defined without this stripping.
> I believe that is now the only difference.

I believe CryptoBinary also addresses endianess and integer -> octect 
string, over what schema provides for [1].

[1] http://www.w3.org/TR/xmlschema-2/#base64Binary

> What is confusing is knowing when to use CryptoBinary and when to use
> base64Binary. Apparently you must use base64binary whenever a value must
> be exact - e.g. a signature value, a digest value or a ciphervalue. Is
> that correct?

http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html#sec-CoreSyntax
"
This type is used by "bignum" values such as RSAKeyValue and DSAKeyValue. 
If a value can be of type base64Binary or ds:CryptoBinary they are defined 
as base64Binary. For example, if the signature algorithm is RSA or DSA then 
SignatureValue represents a bignum and could be ds:CryptoBinary. However, 
if HMAC-SHA1 is the signature algorithm then SignatureValue could have 
leading zero octets that must be preserved. Thus SignatureValue is 
generically defined as of type base64Binary."

> Is there a reason that we do not eliminate CryptoBinary from the XML
> Digital SIgnature recommendation and only use base64Binary?

base64Binary is under-specified for our purposes.

> savings significant in an XML context? Is CryptoBinary retained for
> backward compatability with developing implementations, or is there
> another reason I'm missing?

Underspecified and legacy.

-- 
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Friday, 12 October 2001 20:19:28 UTC