[xmlsec] Re: GOST support in xmlsec
beldmit at cryptocom.ru
Wed Feb 8 09:37:29 PST 2006
On Tue, 7 Feb 2006, Aleksey Sanin wrote:
> I looked at your patch and looks very good by I have several
> "meta" questions about it.
> 1) How does your implementation correlate to the following
> ietf draft?
> Seems like both are about GOST algorithms :)
Our implementation doesn't implement algorithm-specific key
representation, it uses X.509-format. But so, it doesn't conflict with
How did you find this draft at the site? I was able to find it only
searching by word "GOST".
> 2) I noticed that there are a couple files with Cryptocom name
> in them. Is your company OK with releasing these files under MIT
> license (same as all other xmlsec sources)? Can you explicitly
> state these in the files, please?
Is there a standard form of such a disclaimer? Our company is OK with
releasing them under MIT license.
I've found only 2 files mentioning our company, and not all the
identifiers from them are necessary.
> 3) What does user need to actually use these new GOST algorithms?
> Is it a part of standard Windows distribution? OpenSSL distribution?
The user should install a CSP providing the algorithms to use these
algorithms. There are at least 3 commercial products providing the
Unfortunately other crypto libraries don't support the GOST algorithms.
Though we have a huge patch to OpenSSL providing them.
> 4) I noticed few "FIXME" comments in the code. Is it real? How much
> more work is there?
Oh, sorry. They can be completely removed.
SY, Dmitry Belyavsky (ICQ UIN 11116575)
More information about the xmlsec