W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2008

Re: Some strawman ideas for a minimum DSig profile

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 21 Aug 2008 21:34:17 +0200
To: Scott Cantor <cantor.2@osu.edu>
Cc: 'Sean Mullan' <Sean.Mullan@Sun.COM>, 'Kelvin Yiu' <kelviny@exchange.microsoft.com>, public-xmlsec@w3.org
Message-ID: <20080821193417.GF402@iCoaster.does-not-exist.org>

On 2008-08-21 14:56:38 -0400, Scott Cantor wrote:

>> Maybe but at least for Java applications, you've already got a
>> standard XML Signature API in all JREs. There's no standard
>> Java S/MIME API and there may never be.

> No, but it's much easier to implement a signature like that from scratch in
> Java and C++ than to implement even a tiny subset of XML Signature in
> languages that don't have it.

I'm not so sure of that.  Implementing a tightly constrained profile
of Signature turns out to be relatively easy (yes, I have done
that), except for the canonicalization portion of things.

In such a case, much of the complexity usually boils down to a
verification step that none of it is used.

Cheers,
-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Thursday, 21 August 2008 19:34:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT