- From: Ron Garret <ron@flownet.com>
- Date: Fri, 17 Feb 2012 11:35:10 -0800
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: public-identity@w3.org
On Feb 17, 2012, at 11:15 AM, Anders Rundgren wrote: > On 2012-02-17 20:00, Ron Garret wrote: >> > <snip> >> It is possible that the solution to all our problems is simply to document signText. > > I just mentioned that there are a bunch of "standards" out there already. And what does the existence of "a bunch of standards" have to do with what is wrong with signText? > If I were to create a standard I would begin with researching these to see > if there is something worth stealing :-) So, did you? Is there? > https://github.com/daviddahl/domcrypt/blob/master/demos/demo.js#L47 All I see is a bunch of uncommented Javascript code. How that is intended to address the issue that signText is undocumented I do not understand. I might be able to back out an API by reverse-engineering this code, but that would be missing the point rather badly. > I don't know how window.mozCipher.pk.sign works but signText(v1996) uses X.509 > certificates which I believe what is generally requested. Personally, I think X.509 is part of the problem, not the solution. But that is a different issue altogether. rg
Received on Friday, 17 February 2012 19:35:39 UTC