W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2003

Re: X.509 certificate

From: Joseph Reagle <reagle@w3.org>
Date: Fri, 17 Jan 2003 18:37:08 -0500
To: Joseph Swaminathan <jswamina@cisco.com>, w3c-ietf-xmldsig@w3.org
Message-Id: <200301171837.08173.reagle@w3.org>

On Friday 17 January 2003 16:56, Joseph Swaminathan wrote:
> certificate which is in binary format. So for a box
> to support XMLDSIG, it needs to have both XML parser
> as well as ASN.1 parser isnt' it.

Yes, I've been calling this the "Frankenstein Complex" for a little over a 
year now I think.

>     I understand using XKMS this validation can be
> ofloaded to a key management system. But if a box
> has to do all the validation itself, then does it
> require both XML & ASN.1 parser to validate
> certificates isnt it.

Generally yes -- unless they use XKMS, or use a native XKMS cert format.
Received on Friday, 17 January 2003 18:37:13 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT