On 2005-07-14 18:21:03 -0500, Earl Hood wrote:
* Section 3.3:
There is unnecessary information here, and information that can
lead to ambiguous implementations.
When it comes to cryptography, you should reference cryptographic
standards where appropriate since those standards are very explicit
on algorithms and processes. For example, you should explicitly
specify that the RSASSA-PKCS1-V1_5 signing and verification method
must be used (which is defined in PKCS#1).
Avoid "re-describing" algorithms unless you plan to use a custom
signing method that is not defined in the PKCS specs, or other
cryptographic-related standards.
The term "native binary form" is ambiguous and riddled with problems.
From a cryptographic perspective, ASN.1 DER rules are used for
encoding all data, allowing for portability (another reason why
crypto specs should be referenced).
Section 6.4 of draft-allman-dkim-base has similar problems, and
talks about "decrypting the signature using the signer's public key"
and comparing the "decrypted signature" to the hash.
--
Thomas Roessler, W3C <tlr(_at_)w3(_dot_)org>
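
The point made in this thread, shown as an added example that is not part of the original messages or of either draft: RSASSA-PKCS1-v1_5 verification recovers a padded block carrying a DER-encoded DigestInfo, not a bare hash, and the standard compares that whole block. The toy key, the choice of SHA-256, all function names, and `verify_loose` (one hypothetical reading of "compare the decrypted signature to the hash") are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed toy key for illustration only: P and Q are Mersenne primes,
# which must never be used for a real RSA key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in octets

# DER encoding of the DigestInfo header for SHA-256 (RFC 8017, section 9.2).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v1_5(message: bytes) -> bytes:
    """EM = 0x00 || 0x01 || PS (0xFF octets) || 0x00 || DER(DigestInfo)."""
    t = SHA256_DIGESTINFO + hashlib.sha256(message).digest()
    if K < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def rsa_private(block: bytes) -> bytes:
    """RSASP1 on an already-encoded block (signer side)."""
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")


def recover(signature: bytes) -> bytes:
    """RSAVP1: what a prose spec would call 'decrypting the signature'."""
    s = int.from_bytes(signature, "big")
    if len(signature) != K or s >= N:
        raise ValueError("signature out of range")
    return pow(s, E, N).to_bytes(K, "big")


def verify_pkcs1(message: bytes, signature: bytes) -> bool:
    """RSASSA-PKCS1-v1_5 verification: re-encode and compare the whole block."""
    try:
        return hmac.compare_digest(recover(signature), emsa_pkcs1_v1_5(message))
    except ValueError:
        return False


def verify_loose(message: bytes, signature: bytes) -> bool:
    """One reading of 'compare the decrypted signature to the hash'."""
    return recover(signature)[-32:] == hashlib.sha256(message).digest()
```

Signing is `rsa_private(emsa_pkcs1_v1_5(message))`. A block that ends in the right hash but does not follow the EMSA-PKCS1-v1_5 layout passes `verify_loose` and fails `verify_pkcs1`, which is the kind of divergence between implementations that referencing PKCS#1 avoids.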