Hi, Pratik Datta wrote: > I would like to see if we can achieve this streaming hint with forward > compatibility. > +1 to at least trying to achieve that. > By that I mean, we put in the hint in such a place that older implementations > can still verify such a signature by ignoring the hint, whereas newer > implementations can take advantage of this hint and do streaming. > Quick Proposal: <ds:Reference URI=""> <?ds:Reference dereference as event stream allowed, constrained transforms enforced, legacy equivalent processing and compatible results are hereby stipulated ?> <ds:Transforms> ... </ds:Transforms> <ds:DigestMethod Algorithm="..."/> <ds:DigestValue>...</ds:DigestValue> </ds:Reference> If the hints / preconditions are not fulfilled by the ds:Transforms, throw an error. > [...] how about adding it as a new attribute to an existing transform? > Implementations will probably ignore unknown attributes. Or maybe add a new > transformation parameter? > I doubt that extension points will be ignored by applications in general, hence my preference for a processing-instruction. Konrad -- Konrad Lanz, IAIK/SIC - Graz University of Technology Inffeldgasse 16a, 8010 Graz, Austria Tel: +43 316 873 5547 Fax: +43 316 873 5520 https://www.iaik.tugraz.at/aboutus/people/lanz http://jce.iaik.tugraz.at Certificate chain (including the EuroPKI root certificate): https://europki.iaik.at/ca/europki-at/cert_download.htm
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 1 October 2008 12:10:53 GMT