OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ubl-ndrsc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ubl-ndrsc] Digital Signatures

Eduardo wrote: 
> Not being a security expert, let alone a signature one, I 
> must then ask
> if anybody knows why a bunch of companies got together at the W3C and
> decided (my company included) that there was a need for XML Signature
> and then proceeded to spend a considerable amount of effort, time and
> money developing it. Are you saying that it was just a waste 
> of all of that?
> That we were swindled? That wherever and whenever you can use DSig you
> might as well use X.509?
Not being a security type myself, I asked one of my LMIers who worked on the DSig spec.  He said one of the issues in using X.509 natively was that it requires some native (non-XML) tools to work.  The beauty of the XML Digital Signature specification is that it supports using XSD Include if two trading partners require DSig without requiring any DSig functionality to be built into the Schema.  In other words, UBL Schemas can be extended by the users to include DSig without breaking the Schema and without any requirement on the part of UBL.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]