I think I'd make OpenSSL the default on Windows. It's mature, well-tested, and well-understood. Secondarily, I'm using XMLSec specifically to get away from Microsoft's "black box" CryptoAPI implementation, and others may have similar motivation. (I couldn't find a good way to set it up for use in an ISAPI DLL called by Microsoft's Web server software. But maybe Wouter's implementation will address that issue somehow.) _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
