Hi there, > Probably in the future we should make mscrypto the default crypto engine > on Windows (Igor?).
No, but you heard that allready. :-) There is a difference between security and obscurity. All algorithms are known, so are most implementations. If you won't show me your code so I see what it does, then I must assume that you have something to hide and will compromise my secrets; and I will keep an watchful eye on you, even if I never meet you again. Cryptography exists for one, and only one, reason: because people don't trust each other. If I don't trust you enough to let you read my mail, but I blindly trust an obscure encryption system you have made, then I am a simple fool. The point of it all: Cryptography software is either open source, or non-existent, as far I am concerned. Everything else can be proprietary, but crypto cannot. That simply defeats the very reason of its existence. Set mscrypto as the default in xmlsec and what advantage over msxml would remain? > Also it would be nice to include all the supported xmlsec-<crypto> > libraries in Windows > binaries (again, Igor? :) ) For the love of completeness, yes. For myself, I would like to leave out everything that uses a proprietary system beneath. For the reasons described above, I would not encourage people to use it by distributing the binary. However, I should have spoken that earlier, before the bloody thing was made. Leaving it out now is a spit in the face to everyone who contributed to it. I am not happy about it, but the binary will have all supported bits. Ciao, Igor _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
