W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2000

Re: XML certificate ...

From: Winchel 'Todd' Vincent, III <winchel@mindspring.com>
Date: Tue, 9 May 2000 20:28:02 -0400
Message-ID: <004c01bfba16$9aab2ee0$0b8c4fd8@ECTFILELT>
To: "Gunther Schadow" <gunther@aurora.rg.iupui.edu>, "XML DSig" <w3c-ietf-xmldsig@w3.org>
Gunther:

I agree 100%.  I think there should be a workgroup in the W3C and/or the
IETF for this work.

Todd


----- Original Message -----
From: "Gunther Schadow" <gunther@aurora.rg.iupui.edu>
To: "XML DSig" <w3c-ietf-xmldsig@w3.org>
Sent: Tuesday, May 09, 2000 8:06 PM
Subject: XML certificate ...


> Hi,
>
> I have just joined this list. I'm not sure whether this has been discussed
> here, but cursory searches have not exactly hit me with obvious results.
> So here goes:
>
> As the world reinvents everything using XML, might it not be time to do
> the same with certificates?  I think the world of certificates could
> use a big shake-up.  Getting rid of X509 and ASN.1 would be a huge
> reduction of burdon on any security implementation. It would make
> certificate generation and interpretation a snip of a finger.
> Compatibility with X509, SPKI, and PGP certificate products could be
> provided through XMLifying translators.  The goal would be to have one
> generic syntax that can support the approaches of X509, SPKI and PGP all
> without these stupid hassles that come with the different presentation
> formats.
>
> Isn't there any such activity ongoing already? If not I'd be happy to
> hammer out a DTD that would cover X509, SPKI and PGP semantics. I just
> have to do this in order to not go insane over this ASN.1 business.
>
> The XML certificate specification could be using XML signature and
> XML canonicalization. However, canonicalization isn't exactly a
> requirement.
>
> What do you think?
> -Gunther
Received on Tuesday, 9 May 2000 20:24:16 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT