W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2008

Re: Some strawman ideas concerning <ds:Transforms>

From: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
Date: Wed, 23 Jul 2008 16:37:01 +0200
Message-ID: <4887420D.7070102@iaik.tugraz.at>
To: Pratik Datta <pratik.datta@oracle.com>
CC: Sean Mullan <Sean.Mullan@sun.com>, public-xmlsec@w3.org

Pratik Datta wrote:
> I would like to see if we can achieve this streaming hint with forward 
> compatibility.
+1 to at least trying to achieve that.
> By that I mean, we put in the hint in such a place that older implementations 
> can still verify such a signature by ignoring the hint, whereas newer 
> implementations can take advantage of this hint and do streaming.
Quick Proposal:

        <ds:Reference URI="">
            <?ds:Reference dereference as event stream allowed,
constrained transforms enforced, legacy equivalent processing and
compatible results are hereby stipulated ?>
            <ds:DigestMethod Algorithm="..."/>

If  the hints / preconditions are not fulfilled by the ds:Transforms,
throw an error.
> [...] how about adding it as a new attribute to an existing transform?  
> Implementations will probably ignore unknown attributes. Or maybe add a new 
> transformation parameter?
I doubt that extension points will be ignored by applications in
general, hence my preference for a processing-instruction.


Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520

Certificate chain (including the EuroPKI root certificate):

Received on Wednesday, 23 July 2008 14:38:18 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:09 UTC