On Apr 16, 2009, at 10:51, Henri Sivonen wrote:
> On Apr 15, 2009, at 22:16, Frederick Hirsch wrote:
>> We are not using the transform chain where complexity and performance issues occur,
>
> The complexity concern I raised is that the last signing step needs to run canonicalization and reserialization in order to get a byte stream to sign when it would be simpler to use a detached signature that signs the original uncanonicalized bytes. Running canonicalization first requires more code.
>
> If I've understood correctly, the idea is that widget support can be added to an existing Web browser engine with smallish effort. It seems to me that there is no pre-existing reason for a Web browser engine to contain an implementation of canonicalization or XML signatures.

Trying to separate the discussion from the change request: would you be satisfied if requirements to perform C14N were removed and reliance on XSD data types for definition purposes were replaced with something less scary (though in this case this is a bit of a FUD argument Henri, the referenced types aren't overwhelming)?

--
Robin Berjon - http://berjon.com/
    Feel like hiring me? Go to http://robineko.com/
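
The two signing inputs discussed in this thread, as an added example that is not from any participant or from the widget specification: a digest over the original bytes needs only a hash function, while a digest over the canonical form needs an XML parser and canonicalizer first. Python's standard-library C14N 2.0 canonicalizer stands in for whichever canonicalization a specification would require (an assumption), and the two sample documents are constructed.

```python
import hashlib
from xml.etree.ElementTree import canonicalize  # C14N 2.0, Python 3.8+

# Constructed samples: the same XML document serialized two ways
# (attribute order, quote style, empty-element form, spacing inside tags).
DOC_A = b'<widget id="w1" version="1.0"><name>Clock</name><icon src="i.png"/></widget>'
DOC_B = b"<widget version='1.0'  id='w1'><name>Clock</name><icon src='i.png' ></icon></widget>"


def raw_digest(data: bytes) -> str:
    """Detached-signature style input: hash the bytes exactly as stored.

    No XML code is involved; the verifier only needs the file and a hash.
    """
    return hashlib.sha256(data).hexdigest()


def c14n_digest(data: bytes) -> str:
    """Canonicalized input: parse, canonicalize, reserialize, then hash.

    The verifier must ship an XML parser and a canonicalizer to rebuild
    the exact byte stream that was signed.
    """
    canonical = canonicalize(xml_data=data.decode("utf-8"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def compare(a: bytes, b: bytes) -> dict:
    """Report which digest survives a change of serialization."""
    return {
        "raw_equal": raw_digest(a) == raw_digest(b),
        "c14n_equal": c14n_digest(a) == c14n_digest(b),
    }


if __name__ == "__main__":
    print(compare(DOC_A, DOC_B))
```

The raw digests differ because the bytes differ, while the canonical digests match; a verifier that hashes original bytes must therefore check the file exactly as it was shipped.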





