[OpenID] Signing method for XRD
Santosh Rajan
santrajan at gmail.com
Mon Jun 15 14:24:51 UTC 2009
Let me put this in perspective before before we start going in all
directions.
The whole purpose of XRD was to simplify XRDS. By adding XML-Dsig you are
going back to square A. We might as well stick to XRDS then.
The idea of XRD was KISS - "Keep it simple stupid".
Hans Granqvist wrote:
>
>
> Haha, this is funny. Surely the volume of XRD messages vastly
> outnumbers the billions of daily signed SOAP and SAML messages. :)
>
Can you give me one example where "XML Dsig signed SOAP and SAML" is being
used by millions of users in a network?
> Seriously, why are you knocking down a standard that actually has
> proven itself to work pretty well considering the set of difficulties
> inherent in using an abstract format like XML?
>
I am not knocking it down. A whole lot of people seem to be unhappy with
XML-Dsig. You read about it every where you read about XMLDSig. Try
wikipedia for starters.
> Perhaps a different concrete representation (json?) would be easier to
> sign?
>
JSON is a great idea as long as you sign it as is, and apply the
Content-Type, so that it is not modified in transit.
-----
Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com
--
View this message in context: http://www.nabble.com/Signing-method-for-XRD-tp23956678p24035560.html
Sent from the OpenID - General mailing list archive at Nabble.com.
More information about the general
mailing list