On Fri, 8 Aug 1997, Jon Callas wrote:
There's already a constant for RIPE-MD/160. It may have gotten slipped from
that draft. There will be another draft once we're back from Europe.
Yes, and if anyone bothered to buy the source, they would find out the
number is 3.
They also might notice that the DSAVerify routine has a line of the form
if ( hash_alg != SHA1_hash )
So anyone actually using RIPE-MD/160 for signatures will have them shown
as bad although they are mathematically correct (also applies to MD5).
Speaking of which, since DSA has only 160 bytes, and does not use the ASN1
prefix string that the RSA signatures use, are these going to be dropped?
If/when you allow El Gamal signatures, will they be the lower 20 bytes
with that PKCS padding and will they use the ASN1 strings, and what are
they for RIPE-MD-160 and SHA1 - I think they are blank in the source.
--- reply to tzeruch - at - ceddec - dot - com ---