W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

reference mechanisms in "XML-Signature Requirements"

From: by way of <connolly@w3.org>
Date: Fri, 16 Jul 1999 14:23:37 -0400
Message-Id: <3.0.5.32.19990716142337.00957bf0@localhost>
To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Some review comments on
	XML-Signature Requirements 
	W3C Working Draft 1999-June-23 
	http://www.w3.org/TR/1999/xmldsig-requirements-990623.html

I think it's clear that XML signatures be able to
refer to content using URIs (along with fragment identifiers).
I suggest that it's also sufficient.

It's a real pain that between RFC1630 and RFC2396, the
term "URI" got changed from including the #fragmentID
to not including it, but there you are.
The HTML 2.0 spec uses the term "anchor address"
to mean an absolute URI with an optional fragment identifier.
You can use that, or define the term "web address"
analagously.

You might be trying to use the term "XML locator" to
mean just that:


	XML-Signature referents are identified with
        XML locators (URIs or fragments)

But note that it (currently) doesn't;
it proposes a sort of extension to URIs using the |
to signal some new semantics. Did you mean to
include this new | feature?

http://www.w3.org/TR/1998/WD-xlink-19980303#addressing


Anyway... I suggest you strike "Whenever possible" from
	Whenever possible, any resource or algorithm identifier is a
	first class object, and addressable by a URI.

(and replace "URI" by "anchor address" or "web address"
or "XML locator", unless you really mean URI without
the fragment identifier.)

and replace
	Ability to specify algorithms independently and to
	reference the algorithms linked to standard algorithm
	specifications (e.g. OIDs)

with a note saying that if you want to use a signature
algorithm in conjuction with XML-signature, you've got
to define a URI for it. Hmm... seems we're lacking
a spec for oid: URIs. Easy enough to fix... just
write a little spec like the uuid: URI scheme.

	the UUID addressing scheme, 1997-11, Charlie Kindel 
	(cited from http://www.w3.org/Addressing/schemes#uuid)

Hmm... that Internet Draft seems to have expired.



-- 
Dan Connolly, W3C
http://www.w3.org/People/Connolly/
tel:+1-512-310-2971 (office, mobile)
mailto:connolly.pager@w3.org (put your tel# in the Subject:)
Received on Friday, 16 July 1999 14:46:09 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:06 GMT