Signed in parts. Re: XML-Signatures Requirements Last Call

-----Original Message-----
From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Friday, August 20, 1999 4:35 PM
Subject: XML-Signatures Requirements Last Call


>http://www.w3.org/TR/xmldsig-requirements



I am concerned (now after much thought) about the impact of
the requirement 3.1.3
"XML-signatures must be able to apply to a part or totality of a XML
document [Charter, Brown]"
I was a great advocate of that, but since I have been studying the
relationship between
a document and its semantics.

 My concern is that the semantics of any XML element
is totally dependent upon its enclosing context.  Think of a document as an
expression.
What does signing part of a document mean?  If it means signing a virtual
document
formed by stripping out (in a well defined way) everything which is not
signed, then
I understand it.  I think that definition can work but must be explicit.
If it means taking responsibility for certain parts only in context, then I
don't.
The outer surrounding context can invalidate, negate, or transform the
meaning of the
child elements in any way.

Maybe this has been addressed, in which case I apologize for bringing it up
again.

Tim Berners-Lee

xml-plenary group

PS:  For example, in my investigations into extending RDF to logic, in
http://www.w3.org/DesignIssues/Toolbox
defines an "RDF-transparent" property of an XML element which allows RDF to
be taken out of context
but cannot be assumed.

Received on Wednesday, 8 September 1999 15:58:58 UTC