- From: Joseph Reagle <reagle@w3.org>
- Date: Fri, 26 Jul 2002 11:27:30 -0400
- To: Carl Ellison <cme@jf.intel.com>, "XML Signature \(W3C/IETF\)" <w3c-ietf-xmldsig@w3.org>
On Friday 26 July 2002 10:27 am, Carl Ellison wrote: > That is, all C14N implementations I have heard of run exorbitantly > long times. Much of this depends on what you are doing. If you don't have to do an XPath evaluation, c14n is *much* faster than if you have to do the XPath expression. > I suspect that that runtime is due mostly to string > concatenation operations. If instead of building a single canonical > XML string you walk a DOM and only send substrings to a hash > accumulator, in the C14N order, you should be able to produce the > C14N hash of a DOM structure in almost the time it takes to walk that > structure for printing without canonicalization. > So, has anyone done that experiment? If so, how did it perform? I'm not sure how relevant this is to your question, but are you familiar with DOMHash and XHash? XHash was "inspired by IBM DOMHASH but processes each element without recursive hashing". Brown report no further work on XHASH in 1999. http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0422.html DOMHASH was not considered an approraite algorithm by its authors for xmldsig, and it might've even been slower in that context. http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0420.html http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0422.html
Received on Friday, 26 July 2002 11:27:49 UTC