[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] SimpleSign Inline Mode and Base64
The base64 tools I've used recently don't default to wrapping at 76 chars, though I did see that this is the default for GNU coreutils. However, there is an option to not wrap. For sure, browsers can wrap base64 encoded content when submitting a form (as this affected the original SAML SimpleSign spec) but since the XRD is more focused around a file format I don't see this being an issue. Are there use cases where XRD's are POST'd to endpoints using the HTTP POST re-direct method? That said, if experience shows it's easier to treat the base64 data as content of the element rather than an attribute I'm ok with that. One final question, if we do make it content of the element, won't that make the XRD schema a little weird? The XRD could contain direct content OR other elements if not using the "Inline mode". Thanks, George Nat Sakimura wrote: > > In http://wiki.oasis-open.org/xri/XrdOne/SimpleSign, I have changed > the name > "Wrapped mode" to "Inline Mode" since I dropped the wrapper. > > Now, it is like George suggested. > > <XRD sig="signature" sigalg="http://www.w3.org/2000/09/xmldsig#rsa-sha1" > certuri="pem file location" data="BASE64 of the payload" /> > > When I was talking about this with Masaki, he suggested that since BASE64 > usually > wraps at 76 or less characters per line, doing it like: > > > <XRD sig="signature" sigalg="http://www.w3.org/2000/09/xmldsig#rsa-sha1" > certuri="pem file location" mode="inline"> > ICA8Q2Fub25pY2FsSUQ+VW5pcXVlX2lkZW50aWZpZXI8L0Nhbm9uaWNhbElEPg0KICA8U2lnbmVy > SUQ+VW5pcXVlX2lkZW50aWZpZXI8L1NpZ25lcklEPg0KICA8U2VydmljZT4NCiAgICA8UHJvdmlk > ZXJJRD5odHRwczovL2V4YW1wbGUuY29tL3NlcnZlciMxNDIzNTQzNTY3MjwvUHJvdmlkZXJJRD4N > CiAgICA8VHlwZT5odHRwOi8vc3BlY3Mub3BlbmlkLm5ldC9hdXRoLzIuMC9zaWdub248L1R5cGU+ > DQogICAgPFR5cGU+aHR0cDovL3NwZWNzLm9wZW5pZC5uZXQvdHgvMS4wPC9UeXBlPg0KICAgIDxV > Ukk+aHR0cHM6Ly9leGFtcGxlLmNvbS9zZXJ2ZXI8L1VSST4NCiAgPC9TZXJ2aWNlPg0KICA8U2Vy > dmljZT4NCiAgICA8UHJvdmlkZXJJRD5odHRwczovL3N0cy5lcXVpZmF4LmNvbS8jMjAwODEyMDMw > MDAwMDA8L1Byb3ZpZGVySUQ+DQogICAgPFR5cGU+aHR0cDovL3NjaGVtYXMuaW5mb3JtYXRpb25j > YXJkLm5ldC9AaWNzL2FnZS0xOC1vci1vdmVyLzIwMDgtMTE8L1R5cGU+DQogICAgPFVSST5odHRw > czovL3N0cy5lcXVpZmF4LmNvbS88L1VSST4NCiAgPC9TZXJ2aWNlPg== > </XRD> > > Which do you think is better? > > Any opinion? > > =nat > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]