X.509 certificate

From: Joseph Swaminathan <jswamina@cisco.com> Date: Fri, 17 Jan 2003 13:56:49 -0800 Message-ID: <3E287C21.1BBC0D9D@cisco.com> To: w3c-ietf-xmldsig@w3.org · This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT



    One of the advantage of XMLDSIG over PKCS, I read,
is the textual format instead of binary ASN.1 format.
But when it comes to certificates, it is still X.509
certificate which is in binary format. So for a box
to support XMLDSIG, it needs to have both XML parser
as well as ASN.1 parser isnt' it. 

    I understand using XKMS this validation can be 
ofloaded to a key management system. But if a box 
has to do all the validation itself, then does it
require both XML & ASN.1 parser to validate 
certificates isnt it.

thanks
Joseph