- From: Jiandong Guo <jguo@phaos.com>
- Date: Thu, 18 Apr 2002 16:41:52 -0400
- To: reagle@w3.org
- CC: xml-encryption@w3.org
Received on Thursday, 18 April 2002 16:40:58 UTC
Joseph Reagle wrote: > > > Otherwise, it looks like we have a couple of options: > > 1. (the present scheme): the hash is user specified; mgf is SHA-1. > 2. the hash and mgf is user specified and they are always the same. > 3. the hash and mgf are independently user specified. > Option 2 looks odd to me. First of all we DEFAULT our Mask Generation Function to MGF1 (Mask Generation Function does not necessarily rely on a hash function. There could be a MGF2 based, say, on AES) and then we mix up the hash function and the hash function for MGF1 in our syntax and rely on text explanation to make things clear. If we want to support new things, we should think carefully how to get the syntax clear and extensible. Simply give a new interpretation of the existing syntax doesn't sound a good practice to me. By the way, MGF1 is not a hash function. A hash function is used in the process of MGF1. Jiandong
Received on Thursday, 18 April 2002 16:40:58 UTC