W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

Re: comments on 990806 Requirements Doc

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 17 Aug 1999 16:08:45 -0400
Message-Id: <>
To: dee3@us.ibm.com
Cc: "Richard D. Brown" <rdbrown@Globeset.com>, "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, "John Boyer" <jboyer@uwi.com>
[Comments to an email from  Don, that hasn't yet made it to the list.]

At 13:21 99/08/17 -0400, dee3@us.ibm.com wrote:
 >2.2:  Suggest changing "The manifest includes..." to "The manifest must
 >support..." so as to permit other types of manifest.

Manifests that don't use URIs? If so, what would be the example?

 >3.1.2: Assumes the manifest of locators model.  Perhaps simply changing
 >"XML-signatures apply ..." to "XML-signatures may apply..." would give the
 >flexibility needed to accodate other models.

What other models are we speaking of?

 >,, I don't understand why these points are at the
 >level.  S

Ok, they've been promoted.

 >3.1.3 & 3.3.1: Suggest replacing "negotiation" with "calculation".  I
 >this refers to Diffie-Hellman and I think calculation is more accurate than
 >negotiation.  Might even want to change 3.1.3 to be "...calculation of
 >material such as Diffie-Hellman agreement."

Done. Richard if you object, say so.

 >3.2.1: Suggest simply replacing "document" with "element" and dropping the

Now reads, "An XML-signature must be a well-balanced XML region (as defined
by XML-Fragment) that begins and ends with a signature element. [Charter]"

 >3.2.2: Suggest replacing "required" with "mandatory to implement".


 >3.3.3: I think behaviour in this case is application dependent.  It would
 >good for applications to at least notice conflicts and be able to report
Are you agreeing with the comment? Could you restate the requirement or

 >Boxed comment at the end of 3.4: I don't see that packaging is that
dependent on
 >trust/semantic definitions.  Since there are fragment and package WGs, why
 >coordination with them adequate?

(At 4.2. Package might start next year, and Boyer doesn't think the fragment
work is sufficient, so I'm flagging these as particularly salient

Joseph Reagle Jr.   
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://w3.org/People/Reagle/
Received on Tuesday, 17 August 1999 16:08:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:31 UTC