> Maybe but at least for Java applications, you've already got a standard > XML Signature API in all JREs. There's no standard Java S/MIME API and > there may never be. No, but it's much easier to implement a signature like that from scratch in Java and C++ than to implement even a tiny subset of XML Signature in languages that don't have it. > Even if we end up just using the XML Signature > structure as a container for the digests and signature and not much > else, I think it still may be a win. That at least is implementable, if no c14n is involved. But my general sense, despite my own earlier comments to the contrary, is that it's time to look at specs like S/MIME that already exist and don't have the complexity of XML. If I'm trying to submit a signed XML document over HTTP, for example, why would S/MIME not be the obvious thing to use? -- ScottReceived on Thursday, 21 August 2008 18:57:23 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT