[OpenID] Signing method for XRD

Santosh Rajan santrajan at gmail.com
Thu Jun 11 02:01:37 UTC 2009 


I thought this thread was moved to specs. I have given a simple solution
that does not require any new code except change the filename extension
here. 

http://www.nabble.com/Fwd:--OpenID--Signing-method-for-XRD-to23967750.html
http://www.nabble.com/Fwd:--OpenID--Signing-method-for-XRD-to23967750.html 

As a programmer this is how I would like to see it work.


Nat Sakimura wrote:
> 
> Hmmm.
> 
> Perhaps I did not spell my intent in the original mail well enough.
> 
> My question was:
> 
> (1) Is XML DSig easy enough for you developers to use?
> (2) Is XML DSig supported in your environemnt?
>        e.g., Google AppEngine, Force.com, your hosting environment, your
> own
> server, etc.
> (3) If either (1) or (2) is negative, are you aimiable to use a very
> simple
> alternative to it,
>        or you do not bother signing XRD at all?
> 
> Best,
> 
> =nat
> 
> On Thu, Jun 11, 2009 at 4:16 AM, Santosh Rajan <santrajan at gmail.com>
> wrote:
> 
>>
>> I agree that in XML they are not equivalent. Yes but the signing process
>> itself is binary, it has nothing to do with text or its meaning.
>>
>>
>> Hans Granqvist wrote:
>> >
>> >> Once you digitally sign a document, though physically the document
>> >> remains
>> >> in tact and retains its content type, after the act of signing, it is
>> >> really
>> >> a frozen bunch of bits. And if you dont make that distinction you get
>> >> into
>> >> all sorts of tangles. And that was the mistake made by XMLDSig. In
>> other
>> >> words after signing the Content-Type should be binary, whatever you
>> want
>> >> to
>> >> call it. After verification it takes up its original Content-Type.
>> >
>> > In XML these two are equivalent:
>> >
>> >
>> >
>> >
>> >
>> > A signing process needs to understand this, and that is what XML Dsig
>> > does.
>> > XML was not defined to be a wire format.
>> >
>> > Hans
>> > _______________________________________________
>> > general mailing list
>> > general at openid.net
>> > http://openid.net/mailman/listinfo/general
>> >
>> >
>>
>>
>> -----
>>
>> Santosh Rajan
>> http://santrajan.blogspot.com http://santrajan.blogspot.com
>> --
>> View this message in context:
>> http://www.nabble.com/Signing-method-for-XRD-tp23956678p23969137.html
>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
> 
> 
> 
> -- 
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 


-----

Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com 
-- 
View this message in context: http://www.nabble.com/Signing-method-for-XRD-tp23956678p23974121.html
Sent from the OpenID - General mailing list archive at Nabble.com.

More information about the general mailing list