On 11-Feb-06, at 3:17 PM, Eric Rescorla wrote:
A suggested implementation of a signature function would be to use
the SHA1 algorithm, which takes as input a digest of the message and
a secret known only to the Homesite.
Signature = T ( S + Digest )
Where, Digest is message digest (defined above), S is the Homesite
Secret, T is the signature generation function, and '+' means string
concatentation.
The technical term for a "signature" which can only be verified by
the holder of a symmetric secret is Message Authentication Code (MAC)
and there's a standard technique for performing MACs: HMAC (RFC 2104).
We looked at that... but decided what we were doing was different
in some way. I'll dig out my notes.
John
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
