W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2010

RE: Editorial Update: XML Signature 1.1 for KeyInfoReference

From: Scott Cantor <cantor.2@osu.edu>
Date: Mon, 22 Feb 2010 17:05:26 -0500
To: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>, "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <005b01cab40b$237090a0$6a51b1e0$@2@osu.edu>
Frederick Hirsch wrote on 2010-02-22:
> (2) added a warning to 4.5.3,
> 
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-
> RetrievalMethod

I might suggest moving the Note up next to the text discussing the risks of
Transforms. Concretely, I suggest removing the Note you added, and changing
the paragraph preceding the schema snippet to read:

"Note that when referencing one of the defined KeyInfo types within the same
document, or some remote documents, at least one Transform is required to
turn an ID-based reference to a KeyInfo element into a child element located
inside it. This is due to the lack of an XML ID attribute on the defined
KeyInfo types. In such cases, use of KeyInfoReference is encouraged instead,
see section 4.5.10."

> (3) Added KeyInfoReference to the 1.1 schema.

A small point, in section 4.5, we use comments inside the schema snippet for
KeyInfo to note one of the new child elements. Seems like we should put all
the new ones there or pull the comment for the one. May also apply to the
underlying schema, I don't know if we edited that or not.

-- Scott
Received on Monday, 22 February 2010 22:06:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 22 February 2010 22:06:03 GMT