search

w3c / vc-di-ecdsa

Data Integrity specification for ECDSA using NIST-compliant curves
https://w3c.github.io/vc-di-ecdsa/
Other
9 stars 9 forks source link

deterministic ECDSA SHOULD be used #34

Closed Wind4Greg closed 10 months ago

Wind4Greg commented 10 months ago

This PR addresses issue https://github.com/w3c/vc-di-ecdsa/issues/28. To require that the deterministic ECDSA algorithm SHOULD be used. Previously we just had that the ECDSA algorithm MUST be used without explicitly pointing out the security advantages of the deterministic variant.

In the security considerations section has been slightly extended to offer a reason why, in some situations, one might not want to use the deterministic variant. This section already explains why in most cases one should use the deterministic variant.

Note that the security considerations section already points out that verification of signatures is the same for both variants.

Preview | Diff

Wind4Greg commented 10 months ago

Good catch @dlongley!

msporny commented 10 months ago

Normative, multiple reviews, changes requested and made, no objections, merging.