Hello, In Section 4.3.3.1 [*] of the current XML Signature draft, there is a note about multiple representations for a given resource: "Applications should also be cognizant of the fact that protocol parameter and state information, (such as HTTP cookies, HTML device profiles or content negotiation), may affect the content yielded by dereferencing a URI." I'd like to suggest the addition of a 'Content-Type' attribute to the 'Reference' element, to indicate the content-type of the representation that has been signed, so as to enable the application verifying the signature to ask for that content-type when dereferencing the URI. Best wishes, Bruno. [*] http://www.w3.org/TR/2009/WD-xmldsig-core1-20090226/#sec-URIReceived on Sunday, 26 April 2009 14:58:22 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 26 April 2009 14:58:22 GMT