OpenSAML user discussion

[Dimuthu Leelarathne <>]

Hi Chad,

On Thu, 2008-01-31 at 13:55 +0100, Chad La Joie wrote:
> Oh, also just a bit of background on this.
> 
> OpenSAML 1.0 was just an SAML library, so all the code was really trying 
> to implement exactly what the SAML specifications said.  The new 
> OpenSAML 2.0 library is actually a library stack.  Signature and 
> Encryption support is actually located in the XMLTooling library.  This 
> library is meant to be generic and allow things, like OpenSAML, to be 
> built on top of it.  So, naturally, that lower level library can't make 
> the same number of assumptions as the OpenSAML 1 library could.
> 
> That said, I'm all for trying to encode reasonable, best-practice, 
> behavior into the library as long as it doesn't prohibit people from 
> changing it for some reason.

I also think that people should be able to change it. 
And I am +1 for Exclusive with comment C14N.

Thank you,
Dimuthu

> Dimuthu Leelarathne wrote:
> > Hi All,
> > 
> > I think the new opensaml implementation is really good. It has good
> > javadocs and very intuitive.
> > 
> > I'd like to put forward my idea as a user. If you guys can set a default
> > CanonicalizationAlgorithm to the Signature object, it will be good. 
> > 
> > I am saying that because when using opensaml-1.0 I was unaware of the
> > the canonicalization method, and when using the new library, in order to
> > fix a signature verification problem I had to read about the four C14N
> > canonicalization methods.
> > 
> > Thank you,
> > Dimuthu
> > 
>