- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Thu, 18 Oct 2001 19:07:43 +0200
- To: Dave Roberts <dave.roberts@saaconsultants.com>, Joseph Reagle <reagle@w3.org>
- Cc: Naveen Kumar Konduru <konduru27@yahoo.com>, dsig <w3c-ietf-xmldsig@w3.org>
Hi Dave, --On Donnerstag, 18. Oktober 2001 17:44 +0100 Dave Roberts <dave.roberts@saaconsultants.com> wrote: >> HMAC-SHA1 is actually to be used as the SignatureAlgorithm (though >> security concerns prompts us to distinguish between "Signature" and >> "MAC" in the algorithm characterizations.) Consequently, the key would >> be identified in KeyInfo. > > May I ask what type of KeyInfo would you use? The MAC uses a symmetric key which has to be identified by an optionally supplied KeyInfo. So you cannot include the Key itself as KeyValue and cannot use X509Data cause the Key has nothing to do with X.509 Certificates. But you _can_ use KeyName with a custom KeyIdentifier or a retrival method that works in the signature verification environment. > In addition, section 6.3.1 states that the output length of the HMAC > algorithm can be truncated. However RFC 2104 makes no mention of > truncation (that I could see). So I was wondered what exactly is > truncated. The MAC algorithm outputs a byte array of the length of the used digest method (for HMAC-SHA1 which uses SHA1, this are 160 bit (20 byte)). This byte array is truncated... Christian
Received on Thursday, 18 October 2001 13:05:30 UTC