updated Signature 1.1 and 2.0 for KeyInfoReference

As agreed on today's call, I updated the second paragraph in the KeyInfo section of XML Signature 1.1 and XML Signature 2.0 to have SHOULD for KeyInfoReference and not RetrievalMethod, as follows:

[[
While applications may define and use any mechanism they choose through inclusion of elements from a different namespace, compliant versions must implement KeyValue (section 4.5.2 The KeyValue Element <http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyValue>) and should implement KeyInfoReference (section 4.5.10 The KeyInfoReference Element <http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfoReference>).
]]

Section 4.5 in XML Signature 1.1, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfo

Likewise in XML Signature 2.0, section 7, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyInfo

[[
If KeyInfo is omitted, the recipient is expected to be able to identify the key based on application context. Multiple declarations within KeyInfo refer to the same key. While applications may define and use any mechanism they choose through inclusion of elements from a different namespace, compliant versions must implement KeyValue (section 7.2 The KeyValue Element <http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyValue>) and should implement KeyInfoReference (section 7.10 The dsig11:KeyInfoReference Element <http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyInfoReference>).
]]

This should complete ACTION-816.

regards, Frederick

Frederick Hirsch
Nokia

Received on Tuesday, 2 August 2011 17:42:01 UTC