[xmlsec] xmlsec 's future

Aleksey Sanin aleksey at aleksey.com
Thu Apr 20 22:45:05 PDT 2006

> I know. Did you intention to support SHA-2 famiry by OpenSSL?
Well, SHA-256/... are already supported with OpenSSL 0.9.8

> If you want to learn more cool algoristhms, look at GNU-Cryptro like RSA-PSS
> and WHIRLPOOL hash. http://www.gnu.org/software/gnu-crypto/
Thanks for the link though I don't see much interest in
GNU crypto from people. Last time I actually played with
it (~1.5 years ago) it was very row and really not ready
for prime time. Though things might have changed.

> DES, RSA512, MD4/5, SHA-0 were broken.
I don't want to go into the "long flame" war about this
but definition of "broken" is different for different people
and different applications.

> Please look at my sample file for XAdES-T by RFC3161 timestamp of PFU TSA.
Adding a timestamp to an xml signature is trivial. It can be done
in the application layer or it can be done in xmlsec.

XADES spec is under development for last ... 3 years??? Not sure
if it is anywhere close to be finished. Personally, I don't see
much interest from people in XADES at the moment. It might change
but I have my doubts about it. And again, I do accept patches :)


More information about the xmlsec mailing list