
RE: Some strawman ideas for a minimum DSig profile

From: Kelvin Yiu <kelviny@exchange.microsoft.com>
Date: Mon, 25 Aug 2008 18:00:12 -0700
To: "Sean.Mullan@Sun.COM" <Sean.Mullan@Sun.COM>
CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <B50E442C206C3045BD85290E7AA3FD49865AC6E2D5@df-whippet-msg.exchange.corp.microsoft.com>

Sorry for not responding last week. Things have been a little crazy recently.

It is certainly possible to encapsulate information in the PI into a new XMLDSig2 element. For example, it may be sufficient to specify the canonicalization and hash URI as attributes on the SignedInfo element so that hashing and canonicalization can start immediately.

I don't know if we can require applications to bundle a detached signature with an XML document in a minimum profile. I think a minimal profile would have uses beyond signing XML documents.

Kelvin


-----Original Message-----
From: Sean.Mullan@Sun.COM [mailto:Sean.Mullan@Sun.COM]
Sent: Thursday, August 21, 2008 10:23 AM
To: Kelvin Yiu
Cc: public-xmlsec@w3.org
Subject: Re: Some strawman ideas for a minimum DSig profile

Hi Kelvin,

In the proposal below, you write:

 > Konrad suggested using a PI at the F2F, and after looking at the
 > situation it is the only approach we could come up with that would
 > allow us to add semantics to the existing XMLDSIG schema without
 > breaking it.

However, in the examples below, the only time you would potentially
violate the XMLDSig schema is the insertion of the instruction between
the Signature and the SignedInfo element, which as you suggest is not
strictly necessary, and I agree. The other PIs are defined outside the
Signature element. Could the other PIs instead be encapsulated in a new
XMLDSig2 element?

It also occurred to me that many of these minimal processing and
verification issues could be solved if the xml signature was always
stored in a separate xml document, and somehow safely associated or
packaged with what it is signing (like a zip file). Then a validator
could first parse/verify the signature, authenticate the signer, and
then validate the reference digests in the document(s) in a streaming
manner. Has anyone thought about that and making this a requirement for
a minimal profile?

--Sean
Received on Tuesday, 26 August 2008 01:00:59 GMT
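The processing order Sean sketches (parse and verify the small signature document first, authenticate the signer, and only then stream the referenced content to check its digests) together with Kelvin's point that the canonicalization and digest algorithms should be readable before any content is touched, as an added example in Python that is not part of this thread or of any W3C specification. It assumes a shared-key HMAC (the standard `hmac-sha256` XMLDSig identifier) standing in for the signer's key, an in-memory dict standing in for the zip-style package, a `chunk_size` parameter for the streaming read, and that References carry no Transforms, so each referenced resource is digested as an opaque octet stream. Canonicalization of `SignedInfo` uses `xml.etree.ElementTree.canonicalize` (Canonical XML 2.0, Python 3.8+).

```python
import base64
import hashlib
import hmac
import io
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("ds", DS)

# Algorithm identifiers the hypothetical minimal profile accepts. The HMAC and
# SHA-256 URIs are the standard XMLDSig ones; the C14N URI is Canonical XML
# 2.0, which ElementTree.canonicalize() implements. Anything else is rejected
# before the signature is even checked.
C14N2_URI = "http://www.w3.org/2010/10/xml-c14n2"
HMAC_SHA256_URI = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256"


def tag(name):
    return f"{{{DS}}}{name}"


def canonical_bytes(element):
    """Serialize one element subtree and canonicalize it (C14N 2.0)."""
    return ET.canonicalize(xml_data=ET.tostring(element, encoding="unicode")).encode()


def stream_digest(stream, chunk_size=4096):
    """Base64 SHA-256 of a resource read in fixed-size chunks (never fully in memory)."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return base64.b64encode(h.digest()).decode()


def build_detached_signature(key, resources):
    """Signing side (constructed for the demo): one Reference per resource URI."""
    sig = ET.Element(tag("Signature"))
    si = ET.SubElement(sig, tag("SignedInfo"))
    ET.SubElement(si, tag("CanonicalizationMethod"), Algorithm=C14N2_URI)
    ET.SubElement(si, tag("SignatureMethod"), Algorithm=HMAC_SHA256_URI)
    for uri, data in resources.items():
        ref = ET.SubElement(si, tag("Reference"), URI=uri)
        ET.SubElement(ref, tag("DigestMethod"), Algorithm=SHA256_URI)
        ET.SubElement(ref, tag("DigestValue")).text = stream_digest(io.BytesIO(data))
    mac = hmac.new(key, canonical_bytes(si), hashlib.sha256).digest()
    ET.SubElement(sig, tag("SignatureValue")).text = base64.b64encode(mac).decode()
    return ET.tostring(sig)


def verify_detached(signature_xml, key, open_resource, chunk_size=4096):
    """Verifier in Sean's order. Returns (signature_ok, {uri: digest_ok}).
    open_resource(uri) must return a readable binary stream (the package lookup)."""
    sig = ET.fromstring(signature_xml)            # small document: parse in full
    si = sig.find(tag("SignedInfo"))
    c14n = si.find(tag("CanonicalizationMethod"))
    sigm = si.find(tag("SignatureMethod"))
    # Profile check: both algorithms are known up front, before any hashing.
    if c14n is None or sigm is None or c14n.get("Algorithm") != C14N2_URI \
            or sigm.get("Algorithm") != HMAC_SHA256_URI:
        return False, {}
    expected = hmac.new(key, canonical_bytes(si), hashlib.sha256).digest()
    given = base64.b64decode(sig.findtext(tag("SignatureValue")) or "")
    if not hmac.compare_digest(expected, given):
        return False, {}                          # signer not authenticated: touch no content
    results = {}
    for ref in si.findall(tag("Reference")):
        uri = ref.get("URI")
        dm = ref.find(tag("DigestMethod"))
        if dm is None or dm.get("Algorithm") != SHA256_URI:
            results[uri] = False
            continue
        with open_resource(uri) as stream:        # streamed, chunk by chunk
            actual = stream_digest(stream, chunk_size)
        results[uri] = hmac.compare_digest(actual, ref.findtext(tag("DigestValue")) or "")
    return True, results


# Constructed demo data: a shared key and two resources standing in for the package.
KEY = b"demo-shared-key"
RESOURCES = {"payload.bin": b"A" * 10000, "notes.txt": b"release notes"}


def open_resource(uri):
    return io.BytesIO(RESOURCES[uri])


def demo():
    """Good package, a package with one tampered resource, and a wrong key."""
    sig = build_detached_signature(KEY, RESOURCES)
    good = verify_detached(sig, KEY, open_resource, chunk_size=1024)
    tampered = dict(RESOURCES, **{"payload.bin": b"A" * 9999 + b"B"})
    bad = verify_detached(sig, KEY, lambda u: io.BytesIO(tampered[u]), chunk_size=1024)
    wrong_key = verify_detached(sig, b"other-key", open_resource)
    return good, bad, wrong_key


if __name__ == "__main__":
    print(demo())
```

The point of the ordering is cost control: a forged or mis-keyed signature is rejected after reading only the signature document, and the large referenced content is read exactly once, in chunks, with its digest compared in constant time. Treating References as opaque octet streams is what makes that single streaming pass possible; once Transforms or in-document canonicalization are allowed, the verifier has to buffer.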

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT