Hi Allen,

Thanks for your input.

What do you think of the proposal on
http://wiki.oasis-open.org/xri/XrdOne/SimpleSign ?
Would it be simple enough? (Well, I do not think it can go any simpler than
that but... ;-).
Would you implement it?

On Thu, Jun 11, 2009 at 1:52 PM, Allen Tom <a...@yahoo-inc.com> wrote:

>  Hi Nat,
>
> Generating signatures is tricky, and XMLDSig is trickier than most. That
> being said, there are libraries that do it, and they do seem to work.
>
> First of all, I'd be happier to see something other than XML, but if XML
> has already been decided on, then I would not mind seeing something other
> than XMLDSig, if the alternative is significantly for developers to generate
> than XMLDSig.
>
> Allen
>
> Nat Sakimura wrote:
>
> Hmmm.
>
> Perhaps I did not spell my intent in the original mail well enough.
>
> My question was:
>
> (1) Is XML DSig easy enough for you developers to use?
> (2) Is XML DSig supported in your environemnt?
>        e.g., Google AppEngine, Force.com, your hosting environment, your
> own server, etc.
> (3) If either (1) or (2) is negative, are you aimiable to use a very simple
> alternative to it,
>        or you do not bother signing XRD at all?
>
> Best,
>
> =nat
>
> On Thu, Jun 11, 2009 at 4:16 AM, Santosh Rajan <santra...@gmail.com>wrote:
>
>>
>> I agree that in XML they are not equivalent. Yes but the signing process
>> itself is binary, it has nothing to do with text or its meaning.
>>
>>
>> Hans Granqvist wrote:
>> >
>> >> Once you digitally sign a document, though physically the document
>> >> remains
>> >> in tact and retains its content type, after the act of signing, it is
>> >> really
>> >> a frozen bunch of bits. And if you dont make that distinction you get
>> >> into
>> >> all sorts of tangles. And that was the mistake made by XMLDSig. In
>> other
>> >> words after signing the Content-Type should be binary, whatever you
>> want
>> >> to
>> >> call it. After verification it takes up its original Content-Type.
>> >
>> > In XML these two are equivalent:
>> >
>> >
>> >
>> >
>> >
>>  > A signing process needs to understand this, and that is what XML Dsig
>> > does.
>> > XML was not defined to be a wire format.
>> >
>> > Hans
>> > _______________________________________________
>> > general mailing list
>> > gene...@openid.net
>> > http://openid.net/mailman/listinfo/general
>> >
>> >
>>
>>
>>  -----
>>
>> Santosh Rajan
>> http://santrajan.blogspot.com http://santrajan.blogspot.com
>> --
>>  View this message in context:
>> http://www.nabble.com/Signing-method-for-XRD-tp23956678p23969137.html
>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>
>> _______________________________________________
>>  general mailing list
>> gene...@openid.net
>> http://openid.net/mailman/listinfo/general
>>
>
>
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
>
> ------------------------------
> _______________________________________________
> general mailing 
> listgene...@openid.nethttp://openid.net/mailman/listinfo/general
>
>
>


-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to