- From: Richard D. Brown <rdbrown@GlobeSet.com>
- Date: Tue, 27 Apr 1999 11:37:47 -0500
- To: "'Phillip M Hallam-Baker'" <pbaker@verisign.com>, "'Bede McCall'" <bede@mitre.org>, <w3c-xml-sig-ws@w3.org>
Phill, Before agreeing on anything we have to understand the ins and outs of such a decision. For example: 1 - What do people refer to by CMS? CMS as specified by PKIX or PKCS#7 from RSA. 2 - CMS implementations usually require the certificate-chain to be either refer to or pass as an argument. What is the impact on XML-DSIG implementation? Other crypto-algorithms require only the private-key. ... Also, we can make sure that the specification provides for CMS without making CMS mandatory. Actually, I would certainly vote against such a proposition. Sincerely, Richard D. Brown > -----Original Message----- > From: w3c-xml-sig-ws-request@w3.org > [mailto:w3c-xml-sig-ws-request@w3.org]On Behalf Of Phillip M > Hallam-Baker > Sent: Monday, April 26, 1999 9:54 AM > To: Bede McCall; w3c-xml-sig-ws@w3.org > Subject: RE: XML interface with URIs > > > > > From: "Phillip M Hallam-Baker" <pbaker@verisign.com> > > Date: Sun, 25 Apr 1999 16:35:56 +0200 > > > > So far there seems to be general agreement that the > > XML-Sig work should broadly correspond with CMS functionality > > without requiring ASN.1 at the packaging level. > > > > Speaking only for myself ... yes. On the other hand, in > keeping with > > the spirit of accommodation for "binary" formats, I think > we may want > > to allow CMS blobs as part of the spec. > > I said 'without requiring'. I very much agree that CMS blobs should > be an option. I see this as a backwards compatibility issue, at this > point S/MIME is a legacy infrastructure. > > If there is no objection to allowing CMS blobs then we should > incorporate them into the statement of consensus. > > > Phill >
Received on Tuesday, 27 April 1999 12:37:36 UTC