[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: FW: [uddi-dev] Is "Schema Centric XML Canonicalization" implementatino available?
Happy New Year, the list, and thank you for your reply, Mr.
Cl¨¦ment:
> The SCC14N spec is by no means being thrown away given that
it is the
> only reasonable means by which to perform DSig in a
schema
> non-agnostic manner. You may have heard that the UBR
operators
> (amongst others undoubtedly) are in the midst of implementing
version
> 3 of the UDDI spec
> (http://xml.coverpages.org/UDDIv3BetaNodes.html)
which will include
> support for DSig. A requisite to this is SCC14N; and
thus part of the
> work is to implement and test SCC14N in the context of
DSig support.
As you said, I know about the UBR V3 beta version and think
its DSig support is a big step for UDDI. And I understand that UDDI committie
did not thrown away SCC14N :-)
But, still I have had a question on
implementation of SCC14N.
* My understanding is that, as of today, we
have no concrete implementations of SCC14N (And UBR V3 will be the first
implementation of it), test data and/or its related efforts. Is it
correct?
[LC] Yes, it is correct that at this point in time there are
no implementations of SCC14N that are available from vendors. I will let
vendors postulate as to the date of availability of
tooling.
And now, I have a few more questions:-)
*
Are there any DSig-supported client implementations? I think it is important
that widely-used UDDI Client (UDDI4J) will support DSig. And if they support
DSig, the next thing to do is interoperability testing...
[LC] Per the above, clients are not available *yet*.
* What does
"UBR implements SCC14N (in the context of DSig)" mean? Does it mean that UBR
contains any code which actually DOES SCC14N algorithms through DSig generation?
The UBR V3 DSig-support contains server-side signature generation?ˇˇ(I've thought
that DSig is appended client side
basically...)
[LC] Though a matter of registry policy, servers require
SCC14N support to perform DSig validation of domain key generator tModels.
You can find an example of digitally signed tModel at http://uddi.org/pubs/uddi-v3.00-published-20020719.htm#_Toc42047532; a server that performs DSig
validation (along with other checks iaw Registry policy) would require
SCC14N.
A UDDI Spec TC Technical Note is forthcoming that will explain publisher-assigned keys (for which domain key generator tModels are required) and should cover how DSig (of domain key generator tModels) may be required to obtain a domain-based key partition (see Section 5.2.2.1 of the UDDI v3 spec).
For more information on
publisher-assigned keys refer to Sections 5.2.2 Publishing
entities with publisher-assigned keys, 4.4 About uddiKeys, 9.4.2 General Keying Policy
and 9.4.3 UDDI recommended keying scheme from the Version 3
specification.
Thanks in advance.
--
Nobuyuki Tomizawa
To unsubscribe from this list, send a post to
uddi-dev-unsubscribe@lists.oasis-open.org, or visit http://www.oasis-open.org/mlmanage/.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]