[w3c-ietf-xmldsig] <none>

> >... which just goes to show that "the content of a Web resource"
> >is a definite description error, like saying "the arm of the man."
> >Which arm?

>I don't buy this. To the question of "which arm" the answer is the arm with
>the following fingerprint (hash).

Yes, but we don't want a digital signature system that has to search around
for something matching a given hash until it finds the content that the
signature 'must have' been referring to.

If a signature is created that includes a hash of something indicated by the
URI, and someone later changes the content at the URI, then the signature is
broken.  When the content addressed by a URI is known to be volatile, the
only reasonable option is to take a copy of the content and put it into the
document.

Taking a copy could be viewed as an application level task.  However, I
think it would be easier for those who must write a signature manifest if
they could give a URI, but mark it as volatile (e.g. using an attribute).
Then, the algorithm that creates the signature would know to do the
following: 1) obtain the content, 2) store it in a local element within the
document, and 3) change the URI in the manifest to point to the local
element before creating the hash of the manifest.

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company

Received on Wednesday, 21 July 1999 19:11:46 UTC