W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2008

RE: Some strawman ideas for a minimum DSig profile

From: Scott Cantor <cantor.2@osu.edu>
Date: Thu, 21 Aug 2008 14:56:38 -0400
To: "'Sean Mullan'" <Sean.Mullan@Sun.COM>
Cc: "'Kelvin Yiu'" <kelviny@exchange.microsoft.com>, <public-xmlsec@w3.org>
Message-ID: <02b101c903bf$a5764c00$f062e400$@2@osu.edu>

> Maybe but at least for Java applications, you've already got a standard
> XML Signature API in all JREs. There's no standard Java S/MIME API and
> there may never be.

No, but it's much easier to implement a signature like that from scratch in
Java and C++ than to implement even a tiny subset of XML Signature in
languages that don't have it.

> Even if we end up just using the XML Signature
> structure as a container for the digests and signature and not much
> else, I think it still may be a win.

That at least is implementable, if no c14n is involved.

But my general sense, despite my own earlier comments to the contrary, is
that it's time to look at specs like S/MIME that already exist and don't
have the complexity of XML. If I'm trying to submit a signed XML document
over HTTP, for example, why would S/MIME not be the obvious thing to use?

-- Scott
Received on Thursday, 21 August 2008 18:57:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT