[rfc-i] digital signatures in documents
Joe Hildebrand (jhildebr)
jhildebr at cisco.com
Mon Oct 1 00:07:27 PDT 2012
On 9/30/12 9:54 AM, "Paul Hoffman" <paul.hoffman at vpnc.org> wrote:
>Detached signatures have none of the failings of the proposed internal
>signatures: having to rely on a current broken spec or having to invent a
>new one, adding cruft that might be exposed to the 99.999% of readers who
>don't care, encouraging software that might show "failures" for things
>like changing line-ending characters, etc. Detached signatures allow the
>teeny number of people who might care about bit-level integrity to check
>it easily, and we already have working tools that can be used for them.
+1. XMLDsig is to be avoided at all costs. The only thing worse would be
to try to rewrite XMLDsig over from scratch so that mortals could
implement it.
--
Joe Hildebrand
More information about the rfc-interest
mailing list