- From: Marcos Caceres <marcosc@opera.com>
- Date: Tue, 14 Apr 2009 14:56:34 +0200
- To: timeless@gmail.com
- CC: Henri Sivonen <hsivonen@iki.fi>, Thomas Roessler <tlr@w3.org>, public-webapps <public-webapps@w3.org>
On 4/14/09 2:51 PM, timeless wrote: > Marcos Caceres<marcosc@opera.com> wrote: >> Although I agree that it was probably a short-sightedness mistake on >> our part to not have looked at JAR signing at the start of this >> process, I think it is too late for you to ask us to dump over a year >> worth of work on this spec - especially as we are about to go to Last >> Call and have significant industry support (BONDI) for using XML >> Signatures. > >> Although I also agree that there are issues with >> canonicalization, I find it hard to believe that JAR signatures are >> not without their own problems. I think it would be more productive to >> help us address the issues that you mentioned, instead of asking us to >> dump everything and start again. > > I'm willing to drop XML signing :) > > I guess I never really understood enough about why we went off on XML > signing and didn't think to ask why we didn't look at JAR signing :( I guess it was "it was not done here (w3c)" syndrome. Kind regards, Marcos
Received on Tuesday, 14 April 2009 12:57:22 UTC