OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xri] xml dsig profile


Brian,

I like the approach.

I think we need to be a touch clearer that the document we are signing is the serialized XML and not the octet string of the file unless that is what you intended.

To construct a signed XRDS (XRD Sequence) we need to take the serialized XML and base64 encode it so that the signature of the individual XRDs can be checked.

To check the signatures on an XRDS you should be able to take the octet string resulting from decoding the base64 and generate the hash for the sig.

So as long as we are taking about the raw octet string that is the serialized XML and not the octet string that is the raw file we are good I think.

=jbradley
On 2-Feb-09, at 10:36 PM, Brian Eaton wrote:

I've written up a detailed specification for simple signatures of
arbitrary XML documents.  It's here:
http://wiki.oasis-open.org/xri/XrdOne/XmlDsigProfile

I started off trying to spec out the format described on the
XrdOne/SimpleSign wiki, and quickly realized I was duplicating a ton
of work already done by the XML DSig specification.  Bill Barnhill's
comment on that wiki page suggesting an XML DSig profile struck me as
a better approach.

(Dirk: this is different than the syntax and code I sent you last
week, but not that different. =)

Cheers,
Brian

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


smime.p7s



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]