[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: AW: AW: [dss-x] A question to the forum
Hi, the standard case would be to omit this element and just leave it to the server to choose the hash algorithm, signature algorithm and key on a specific token. However there may be situations in which the client wants to specify the desired set of algorithms (or even token/keys etc.). If an explicit key is specified, there should be an error if there is no such key. If an algorithm is requested, which is not supported, the server may select a different depending on its policy. BR, dh Von: Andreas Kuehne [mailto:kuehne@trustable.de] Hmm, I would recommend to just leave it to the server ... Hallo Ezer, in my point of view the explicit specification of the hash algorithm to be used for the signature generation is very similar to the explicit selection of a specific key (and hence implicitely signature algorithm + hash algorithm), if there are multiple options available. Therefore I would propose to use the KeySelector-structure (section 3.5.4 of the Core) and simply define structures, which may appear in the Other-element. What do think about this approach? BR, Detlef Von: Ezer Farhi [mailto:Ezer@arx.com] Hi, I went over the DSS-core and could not find a way to direct the server to use a certain hash mechanism when performing a CMS signature or XML signature on a given document. Did anyone bump into such a request? Thanks, Ezer
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]