[gnutls-dev]xml gurus needed

Werner Koch wk at gnupg.org
Fri Jun 21 15:37:01 CEST 2002

On Fri, 21 Jun 2002 15:57:14 +0300, Nikos Mavroyanopoulos said:

> Attached is an example of an X.509 certificate converted to an XML
> format (preserving some of the X.509 tags). What do you think of
> it? Is it useful to applications with xml capability? Any suggestions

So you need to include a full XML parser into any application to
manage TLS configuration.  XML is a prett loated format and I don't
see what you gain from mapping an (bloated and ugly) ASN.1 format to
XML.  The X.509 DER is better defined than any XML rendering can be.

So it depends on what you want todowith the certificate.  If it is
just for displaying the information a more straigtforward format woul
be more easier for the calling application.  For all other purposes
you better return the DER formatted one which has the advantage that
you can actually *do* something with the certificate.

On another note: GPG_ME_ provides an abstract interface to any public
keys and it might be a neat idea to follow the structure of that API
closely or even employ GPG_SM_ as certificate manager.



More information about the Gnutls-devel mailing list