- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Tue, 15 May 2001 10:14:35 +0300
- To: "'Joseph Ashwood'" <jashwood@arcot.com>, Donald Eastlake 3rd <Donald.Eastlake@motorola.com>, xml-encryption@w3.org

Joe Ashwood said among many other things,

> By specifying things in this way (e.g. 3DES with SHA-1) we immediately build
> an exponential increase in the parsing design as more authenticity and
> encryption algorithms are added. It would be much better to specify the two
> separately, resulting in linear growth. The combinations are not very well
> matched, ...

I agree. I think it is better to avoid defining encryption-with-digest. Define only plain encryption. If people want also integrity they should use the HashOfRandomized tag (assuming you all agree to it...).

BTW, I'm all for renaming this tag. I now think my original choice (HashOfRandomized) is a particularly poor choice. I now propose to replace it simply by reusing the existing <DigestValue> and <DigestMethod> tags, to be placed within <CipherText>.

Best regards,
Amir Herzberg
CTO, NewGenPay Inc.

See demo and lectures/overviews/tutorials on crypto-security for mobile, e-commerce, etc. in http://www.newgenpay.com/mpay/course/course.html

Received on Tuesday, 15 May 2001 03:11:04 UTC