- From: Robin Berjon <robin@berjon.com>
- Date: Fri, 17 Apr 2009 12:24:58 +0200
- To: Henri Sivonen <hsivonen@iki.fi>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, ext Jonas Sicking <jonas@sicking.cc>, "marcosc@opera.com" <marcosc@opera.com>, Thomas Roessler <tlr@w3.org>, public-webapps <public-webapps@w3.org>
On Apr 16, 2009, at 10:51 , Henri Sivonen wrote:
> On Apr 15, 2009, at 22:16, Frederick Hirsch wrote:
>> We are not using the transform chain where complexity and
>> performance issues occur,
>
> The complexity concern I raised is that the last signing step needs
> to run canonicalization and reserialization in order to get a byte
> stream to sign when it would be simpler to use a detached signature
> that signs the original uncanonicalized bytes. Running
> canonicalization first requires more code.
>
> If I've understood correctly, the idea is that widget support can be
> added to an existing Web browser engine with smallish effort. It
> seems to me that there is no pre-existing reason for a Web browser
> engine to contain an implementation of canonicalization or XML
> signatures.
Trying to separate the discussion from the change request: would you
be satisfied if requirements to perform C14N were removed and reliance
on XSD data types for definition purposes were replaced with something
less scary (though in this case this is a bit of a FUD argument Henri,
the referenced types aren't overwhelming)?
--
Robin Berjon - http://berjon.com/
Feel like hiring me? Go to http://robineko.com/
Received on Friday, 17 April 2009 10:25:46 UTC