- From: Gunther Schadow <gunther@aurora.rg.iupui.edu>
- Date: Tue, 09 May 2000 19:06:37 -0500
- To: XML DSig <w3c-ietf-xmldsig@w3.org>
- Message-ID: <3918A80D.5D1B785C@aurora.rg.iupui.edu>
Hi, I have just joined this list. I'm not sure whether this has been discussed here, but cursory searches have not exactly hit me with obvious results. So here goes: As the world reinvents everything using XML, might it not be time to do the same with certificates? I think the world of certificates could use a big shake-up. Getting rid of X509 and ASN.1 would be a huge reduction of burdon on any security implementation. It would make certificate generation and interpretation a snip of a finger. Compatibility with X509, SPKI, and PGP certificate products could be provided through XMLifying translators. The goal would be to have one generic syntax that can support the approaches of X509, SPKI and PGP all without these stupid hassles that come with the different presentation formats. Isn't there any such activity ongoing already? If not I'd be happy to hammer out a DTD that would cover X509, SPKI and PGP semantics. I just have to do this in order to not go insane over this ASN.1 business. The XML certificate specification could be using XML signature and XML canonicalization. However, canonicalization isn't exactly a requirement. What do you think? -Gunther
Received on Tuesday, 9 May 2000 20:06:41 UTC