W3C home > Mailing lists > Public > xml-dist-app@w3.org > June 2003

Re: PASWA, canonicalization, and signatures

From: Rich Salz <rsalz@datapower.com>
Date: Tue, 10 Jun 2003 20:57:01 -0400 (EDT)
To: Tony Graham <Tony.Graham@Sun.COM>
cc: "xml-dist-app@w3.org" <xml-dist-app@w3.org>
Message-ID: <Pine.LNX.4.44L0.0306102052430.29431-100000@smtp.datapower.com>

> It's fine by me if there isn't a c14n algorithm in use.  My point is
> that posts to this list have been all over the map w.r.t. both what is
> required for canonicalization and who is going to work out what is
> required.

Right.  This has been my fundamental problem with the Infoset-based
approach.  At some point, DSIG and cryptography need bytes, not abstract
data.

> Given that, I'm asking whether it's better to consider that the
> abstract process is about binary data, not about base64-encoded data,
> since everybody is talking about binary data.  That leaves the "base64
> encoded content" as how you talk about the "real" abstract process in
> SOAP terms.  That seems more real to me than talking in abstract terms
> about "efficient implementations" and "PASWA enabled" features when
> it's the "efficient implementations" that people will be zeroing in
> on.

Ah, I see the point.

I agre with you. :)

        /r$

--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html
Received on Tuesday, 10 June 2003 20:57:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:14 GMT