- From: James Fuller <james.fuller.2007@gmail.com>
- Date: Tue, 18 May 2010 09:44:07 +0200
- To: Toman_Vojtech@emc.com
- Cc: xproc-dev@w3.org
On Tue, May 18, 2010 at 9:34 AM, <Toman_Vojtech@emc.com> wrote: > Hello, > > I was trying to implement some basic support for OAuth in XProc today > and realized that with standard XProc, this is impossible to do. The > main reason is that at some point in the OAuth flow, the (XProc) client > needs to sign data using HMAC-SHA1 - but there is no such functionality > in XProc. We already have the p:hash step, but that one is not > sufficient for implementing HMAC-SHA1 (or HMAC-MD5) in XProc, so I think > a new step is required for this task. I agree this func is needed and it would be best to come with a common approach I would stump up for just defining exproc:hmac-sha1 on the algorithm option on existing p:hash instread of a new step? Afterall it is defined as a Qname ... which does make me think of what namespace the existing options are in ;) J > > I am not talking about XML Signature here which is a whole another can > of worms; I just want to be able to sign simple strings. > > Of course, I could implement a custom step for this, but since I think > signing data is a quite common task, perhaps adding one or more > signature-related steps in EXProc would be a better idea. > > What do others think? > > Regards, > Vojtech > > -- > Vojtech Toman > Principal Software Engineer > EMC Corporation > toman_vojtech@emc.com > http://developer.emc.com/xmltech > >
Received on Tuesday, 18 May 2010 07:51:09 UTC