[xmlsec] loading crypto engines as plugins, build changes, etc.
igor at zlatkovic.com
Sat Sep 20 09:31:43 PDT 2003
> Probably in the future we should make mscrypto the default crypto engine
> on Windows (Igor?).
No, but you heard that allready. :-)
There is a difference between security and obscurity. All algorithms are
known, so are most implementations. If you won't show me your code so I see
what it does, then I must assume that you have something to hide and will
compromise my secrets; and I will keep an watchful eye on you, even if I
never meet you again.
Cryptography exists for one, and only one, reason: because people don't
trust each other. If I don't trust you enough to let you read my mail, but I
blindly trust an obscure encryption system you have made, then I am a simple
The point of it all: Cryptography software is either open source, or
non-existent, as far I am concerned. Everything else can be proprietary, but
crypto cannot. That simply defeats the very reason of its existence. Set
mscrypto as the default in xmlsec and what advantage over msxml would
> Also it would be nice to include all the supported xmlsec-<crypto>
> libraries in Windows
> binaries (again, Igor? :) )
For the love of completeness, yes. For myself, I would like to leave out
everything that uses a proprietary system beneath. For the reasons described
above, I would not encourage people to use it by distributing the binary.
However, I should have spoken that earlier, before the bloody thing was
made. Leaving it out now is a spit in the face to everyone who contributed
to it. I am not happy about it, but the binary will have all supported bits.
More information about the xmlsec