- From: Gino Tesei <gino.tesei@ekar.it>
- Date: Tue, 21 Oct 2003 21:47:05 +0200
- To: <bdournaee@sarvega.com>, <w3c-ietf-xmldsig@w3.org>
- Message-ID: <F95FCBD3427A2C48B8704C734F26119E37C4AE@mail.ekar.it>
Thank you for your answer, Blake. >What types of document artifacts do you need to authenticate? whatever ... as usual, the business gives not clear & changeable requirements :) ... or better still, it's very dangerous taking them as final ... >XML Signature is great for situations where XML data must be selectively >signed based on XML document >subsets. The situation that you have described doesn't immediately point >to a multi-hop signing environment with >multiple intermediate signers. in effect, this is not a requirement and I'm a strong believer in minimal implementations. Actually, evaluating XML Signature makes sense here if there are strong advantages in implementing all 'plumbing' related to sign/verify a general XML element ... something like: sign this element given my profile ... verify this element, given sender's profile. Then, since this is an implementation of a standard, features such as the ones you mentioned could be eventually simpler to support in the future ... By contrast, there are (also) the disadvantages you mentioned. Gino
Received on Tuesday, 21 October 2003 15:49:53 UTC