W3C home > Mailing lists > Public > public-xmlsec@w3.org > December 2010

RE: Action 713 Bruce Rich to review XML Signature 2.0 requirements

From: Bruce Rich <brich@us.ibm.com>
Date: Fri, 3 Dec 2010 12:23:10 -0600
To: public-xmlsec@w3.org
Message-ID: <OF0B799A24.94716E94-ON862577EE.0062F0A5-862577EE.0065013B@us.ibm.com>
I made several passes through the XML Security 2.0 Requirements and Design 
Considerations, with particular focus on the Signature requirements.

I believe the current draft of Signature 2.0 meets all of the requirements 
expressed in the Requirements doc, save the "new ByteRange transform" in 
section 3.2.3.  (
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs2/Overview.html#binary-portions-proposal
)
We met this one in spirit, although not in the form that the Requirements 
doc requested. 
We could mod the requirements document to permit enough flexibility to 
have the selection operation in section 6.7.2 (
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-Type-Binary-fromURI
) be an adequate resolution of the requirement.
Or we could just let sleeping dogs lie, thank the requirements doc for its 
proposal and conclude that the selection operation honors the spirit of 
the request.
I would propose the latter.

Bruce A Rich
brich at-sign us dot ibm dot com
Received on Friday, 3 December 2010 18:23:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 3 December 2010 18:23:53 GMT