Re: <ds:Signature/> and <Signature/> from Tom Gindin on 2006-06-07 (w3c-ietf-xmldsig@w3.org from April to June 2006)

From: Tom Gindin <tgindin@us.ibm.com>
Date: Tue, 6 Jun 2006 23:14:44 -0400
To: Hothi_Amrit@emc.com
Cc: w3c-ietf-xmldsig@w3.org
Message-ID: <OFB0C6AC8B.BC9ECCD9-ON85257180.003F09A6-85257186.0011CF05@us.ibm.com>

        Amritpal:

        If you look inside the lower-level signature algorithms you'll 
find that the signature value is expected to be identical between multiple 
uses of the same key over the same base for RSA v1 signatures (
http://www.w3.org/2000/09/xmldsig#rsa-sha1 and the various 
http://www.w3.org/2001/04/xmldsig-more/rsa-* algorithms) but not for DSA (
http://www.w3.org/2000/09/xmldsig#dsa-sha1) or RSA PSS (not used by 
XMLDSIG).  I personally don't know about ECDSA.

                Tom Gindin





Hothi_Amrit@emc.com
Sent by: w3c-ietf-xmldsig-request@w3.org
05/31/2006 06:43 PM
 
        To:     <w3c-ietf-xmldsig@w3.org>
        cc: 
        Subject:        <ds:Signature/>   and <Signature/>



Hi,

 I looking at signature interoperability between C which is using
libxml2 (v 2.6.24) and Java using Apache's xml-security libs.  When I
sign the same document using the same key on same document.  The digest
match, but the signature values are different?

 Also the C lib is signing with the signature element <Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"> whereas Java's signature
element is: <ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">. 

Thanks,
Amritpal.

Received on Wednesday, 7 June 2006 03:22:00 UTC