Description of the Problem

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 24 Aug 1999 16:32:07 -0400
Message-Id: <3.0.5.32.19990824163207.009f4690@localhost>
To: David Solo <david.solo@citicorp.com>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>

David, an attempt at a characterization of our discursion re [1]

1. We want simple processing rules, and you fear based on feedback that one
c14n for the signature and another for inline content within that signature
will lead to complexity or double c14n'ation.
2. In your new proposal, the indirection of the reference pointing to the
object ID which exists outside of <signedInfo> means that fear of point 1 is
mitigated. No chance of double c14n since they are not nested.
3. I'm not convinced that playing with the syntax (making this distinction)
in this way and specifying processing behavior over that distinction is any
easier (or harder) than simply saying the signature c14n should not touch
the nested content of <inline> (or <object>) IF we decide to nest it inside.
We MAY wish to nest it inside for data model reasons, but then again, it
might not be a biggie, the model is very flexible. The goal isn't to
constrain, but to unambiguously specify relationships. (In my picture [2], I
think we would just remove the object relationship from signature->{object,
package, manifest}.)

[1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/1999JulSep/0213.html
[2] http://www.w3.org/Signature/Drafts/xml-dsig-datamodel-990823.html


_________________________________________________________
Joseph Reagle Jr.   
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://w3.org/People/Reagle/
Received on Tuesday, 24 August 1999 16:32:17 GMT