- From: Ari Kermaier <arik@phaos.com>
- Date: Fri, 01 Mar 2002 10:34:36 -0500
- To: dwight funk <dfunk@powerwayinc.com>, "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org>
Dwight, Take a look at http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html for a matrix of interoperable implementations. The test messages we used are downloadable from that page: http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001AprJun/att-00%2033/01-merlin-xmldsig-sixteen.tar.gz and http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001JanMar/att-0155/04-merlin-xmldsig-fifteen.tar.gz Best, Ari Kermaier >Is there a test suite of signature documents that can be used to verify a >vendor's XML Signature SDK implementation for compliance with the >recommendation? How do we know that any particular vendor's API will >validate a signature that was created by any other vendor's SDK? > >I'm trying to choose a vendor's Toolkit/SDK for use in our >application. I've been burned in the past by vendor's not fully >implementing a standard. I'm interested in having a way to test a >vendor's SDK and ensure they have fully implemented the standard. > > >Dwight E. Funk >Technical Software Architect - XML Technologies >POWERWAY, Inc. >(317) 598-6745 > >MESSAGE IS INTENDED ONLY FOR THE USE OF THE INDIVIDUAL OR ENTITY TO WHICH >IT IS ADDRESSED AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, >CONFIDENTIAL AND EXEMPT FROM DISCLOSURE. If the reader of this message is >not the recipient or an employee or agent responsible for delivering the >message to the intended recipient, you are hereby notified that any >dissemination, distribution, or copying of this communication is strictly >prohibited. If you have received this communication in error, please >notify the sender immediately by E-Mail and return the original message to >the sender. Thank you. Ari Kermaier arik@phaos.com Senior Software Engineer Phaos Technology Corp. http://www.phaos.com/
Received on Friday, 1 March 2002 10:30:14 UTC