[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] XML DSig
Basically, the desire was to use a signing mechanism like that enabled with the SAML Simple Sign binding. This requires no canonicalization and is easy to implement in scripts. Note that perl and ssh are great tools for testing this kind of signing. Good library support may be possible for php and java... but it really needs to carry over to all the other languages like ruby, python, perl, et. al. This is where the canonicalization does become "hard". That said, I'm not totally opposed to using XMLDSig if that's where the TC goes, but I do think it will slow down adoption in the non-mainstream languages. Thanks, George Will Norris wrote: > I'm sure this must have been discussed before, but it was before I got > involved with the TC. Why are we not using XML DSig for signing XRD? > I just got off a Shibboleth call where we were discussing the scope of > work for adding OpenID and XRD support to Shibboleth, and several > people (Scott Cantor included, of course) asked why weren't using XML > DSig. I didn't actually know the answer. I've certainly wondered > that myself, but kinda took it at face value that there was a good > reason. Is there? Is it really just that XML Canonicalization is > "too hard"? If that's it, then isn't the answer to just write better > libraries ONCE and be done with it? Was there something else brought > up in past discussions? > > If there is a good reason, that's fine... I'd just be a little > embarrassed (especially as a developer) if all we have is "it's too > hard". > > -will > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]