- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 08 Jun 1999 14:34:31 -0400
- To: dee3@us.ibm.com
- Cc: w3c-ietf-xmldsig@w3.org
At 12:14 PM 6/8/99 -0400, dee3@us.ibm.com wrote: >It's the hash of the URI, not the hash of what the URI points to. That's how I first read it and thought, "that doesn't abide by the 'fixed point property.' " But I thought, why bother? So I reread the following "expanded" > >2. Hex coding of MD5 of the Expanded URI is used as the new prefix. to read fetch the resource for security; which still didn't abide by the fixed point property. A hash of a hash will still be a different hash regardless if the first was generated from the URI string or it's resource. So: 1. Why bother with a hash of the URI string? Why not use the URI? 2. Is it worth losing "fixed point" because of it? _________________________________________________________ Joseph Reagle Jr. Policy Analyst mailto:reagle@w3.org XML-DSig Co-Chair http://w3.org/People/Reagle/
Received on Tuesday, 8 June 1999 14:34:33 UTC