Dick Hardt <[EMAIL PROTECTED]> writes: > On 13-Feb-06, at 10:52 AM, Eric Rescorla wrote: > >>>> The motivation was to get all the binary crypto code out of the >>>> MS to >>>> ease adoption. We learnt from our prior experience with the SXIP >>>> protocol that this was a barrier to adoption. Writing good DSIG code >>>> for all platforms/stacks/languages is tedious and expensive and >>>> worse >>>> increases the number of lines of code that a MS developer has to >>>> write to enable a site. [SXIP 1.0 worked this way.] >>> >>> Just to clarify, getting someone to install or dynamic language >>> script or module is *way* easier then installing a binary. >>> >>> XML DSIG libraries are not widely available at this time for the >>> scripting platforms. >> >> Who said anything about XML DSIG? I just said you could use a digital >> signature, which doesn't require XML at all. > > A digital signature of what though?
Whatever information you're digesting now. > And there is key management etc. What key management? Just hand over the key during the capabilities exchange. > Would seem challenging to convince anyone to NOT be using XML DSIG > for signing an XML message these days. If you say so. You seem perfectly happy to digest a bunch of data without using any special XML pixie dust. -Ekr _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
