
Re: Some strawman ideas for a minimum DSig profile

From: Sean Mullan <Sean.Mullan@Sun.COM>
Date: Thu, 21 Aug 2008 14:42:17 -0400
To: Scott Cantor <cantor.2@osu.edu>
Cc: Kelvin Yiu <kelviny@exchange.microsoft.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-id: <48ADB709.2040108@sun.com>

Scott Cantor wrote:
> Sean Mullan wrote:
>> It also occurred to me that many of these minimal processing and 
>> verification issues could be solved if the xml signature was always 
>> stored in a separate xml document, and somehow safely associated or 
>> packaged with what it is signing (like a zip file).
> 
> I guess it's relevant to my action item, so I'll point out that if 
> you're going to do that, there is very little value to signing it as XML 
> or producing a signature that's XML. That's much easier to do with 
> S/MIME (or something like what we did with the alternate SAML binding).

Maybe, but at least for Java applications, you've already got a standard 
XML Signature API in all JREs. There's no standard Java S/MIME API and 
there may never be. Even if we end up just using the XML Signature 
structure as a container for the digests and signature and not much 
else, I think it still may be a win.

--Sean
Received on Thursday, 21 August 2008 18:43:01 GMT
