Hmmm. <br><br>Perhaps I did not spell my intent in the original mail well enough. <br><br>My question was: <br><br>(1) Is XML DSig easy enough for you developers to use? <br>(2) Is XML DSig supported in your environemnt? <br>
e.g., Google AppEngine, Force.com, your hosting environment, your own server, etc. <br>(3) If either (1) or (2) is negative, are you aimiable to use a very simple alternative to it, <br> or you do not bother signing XRD at all? <br>
<br>Best, <br><br>=nat<br><br><div class="gmail_quote">On Thu, Jun 11, 2009 at 4:16 AM, Santosh Rajan <span dir="ltr"><<a href="mailto:santrajan@gmail.com">santrajan@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
I agree that in XML they are not equivalent. Yes but the signing process<br>
itself is binary, it has nothing to do with text or its meaning.<br>
<div class="im"><br>
<br>
Hans Granqvist wrote:<br>
><br>
>> Once you digitally sign a document, though physically the document<br>
>> remains<br>
>> in tact and retains its content type, after the act of signing, it is<br>
>> really<br>
>> a frozen bunch of bits. And if you dont make that distinction you get<br>
>> into<br>
>> all sorts of tangles. And that was the mistake made by XMLDSig. In other<br>
>> words after signing the Content-Type should be binary, whatever you want<br>
>> to<br>
>> call it. After verification it takes up its original Content-Type.<br>
><br>
> In XML these two are equivalent:<br>
><br>
><br>
><br>
><br>
><br>
</div><div class="im">> A signing process needs to understand this, and that is what XML Dsig<br>
> does.<br>
> XML was not defined to be a wire format.<br>
><br>
> Hans<br>
> _______________________________________________<br>
> general mailing list<br>
> <a href="mailto:general@openid.net">general@openid.net</a><br>
> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
><br>
><br>
<br>
<br>
</div><div class="im">-----<br>
<br>
Santosh Rajan<br>
<a href="http://santrajan.blogspot.com" target="_blank">http://santrajan.blogspot.com</a> <a href="http://santrajan.blogspot.com" target="_blank">http://santrajan.blogspot.com</a><br>
--<br>
</div>View this message in context: <a href="http://www.nabble.com/Signing-method-for-XRD-tp23956678p23969137.html" target="_blank">http://www.nabble.com/Signing-method-for-XRD-tp23956678p23969137.html</a><br>
<div class="im">Sent from the OpenID - General mailing list archive at Nabble.com.<br>
<br>
_______________________________________________<br>
</div><div><div></div><div class="h5">general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>