- From: <Toman_Vojtech@emc.com>
- Date: Tue, 18 May 2010 03:34:42 -0400
- To: <xproc-dev@w3.org>
Hello, I was trying to implement some basic support for OAuth in XProc today and realized that with standard XProc, this is impossible to do. The main reason is that at some point in the OAuth flow, the (XProc) client needs to sign data using HMAC-SHA1 - but there is no such functionality in XProc. We already have the p:hash step, but that one is not sufficient for implementing HMAC-SHA1 (or HMAC-MD5) in XProc, so I think a new step is required for this task. I am not talking about XML Signature here which is a whole another can of worms; I just want to be able to sign simple strings. Of course, I could implement a custom step for this, but since I think signing data is a quite common task, perhaps adding one or more signature-related steps in EXProc would be a better idea. What do others think? Regards, Vojtech -- Vojtech Toman Principal Software Engineer EMC Corporation toman_vojtech@emc.com http://developer.emc.com/xmltech
Received on Tuesday, 18 May 2010 07:35:26 UTC