Hi Eran, --On March 23, 2011 11:47:45 PM -0700 Eran Hammer-Lahav <eran@hueniverse.com> wrote: > No matter what the use cases are, most signature algorithm requiring > complex canonicalization of data have failed the test of widespread > adoption, so before we produce yet another such solutions, we should > figure out if this complexity adds real value. Please take a look at DKIM which does this for email (and reasonably well by most accounts). In fact my preference here is to use DKIM for HTTP as well. Whilst DKIM is currently used for email it was designed to be generally applicable to similar protocols - in fact we are planning on using it for iTIP-over-HTTP (iSchedule: <http://tools.ietf.org/id/draft-desruisseaux-ischedule-01.txt>). It would be good to be able to utilize the existing infrastructure and experience from DKIM in HTTP. -- Cyrus DabooReceived on Friday, 25 March 2011 14:29:52 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:37 GMT