W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

RE: Signed in parts. Re: XML-Signatures Requirements Last Call

From: John Boyer <jboyer@uwi.com>
Date: Wed, 8 Sep 1999 13:30:58 -0700
To: "Tim Berners-Lee" <timbl@w3.org>, <chairs@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, <w3c-xml-plenary@w3.org>, "Donald E. Eastlake 3rd" <dee3@us.ibm.com>, "Jon Bosak" <Jon.Bosak@eng.sun.com>
Message-ID: <NDBBLAOMJKOFPMBCHJOIKEBLCBAA.jboyer@uwi.com>
Although this issue has been addressed in the scenarios document[1], I think
it is important that you brought it up.

[1] http://www.w3.org/Signature/Drafts/xmldsig-scenarios-990818.html

An element's meaning can be changed by tags and attributes of any element in
its ancestor path.  Furthermore, it can derive meaning from surrounding
sibling elements.  Actually these are the 'reasonable' places from which an
element can derive information, but because lexicon and hence semantics are
defined mostly by extension languages of XML, meaning can be defined to be
derived from anywhere (including sources external to the document).

Hence, I agree with you that an XML signing facility should be sufficiently
broad to express all data interrelationships that can be defined in XML.
This would include the ability to capture the ancestors of elements should
they be required to get the full meaning of a given element.  Fortunately,
as I stated in the second FTF meeting, the new XPointer syntax provides
sufficient power to deal with partial document signing problems such as the
one you've mentioned (as well as the others also mentioned in the scenarios
document).

The only trick will be convincing everyone that it is not nearly as much
work to include XPointers as one might imagine.  Further, although it is
some extra work, the work is not so great that we should let it get in the
way of designing the right signing system.

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company


-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Tim Berners-Lee
Sent: Wednesday, September 08, 1999 12:59 PM
To: chairs@w3.org; Joseph M. Reagle Jr.
Cc: IETF/W3C XML-DSig WG; w3c-xml-plenary@w3.org; Donald E. Eastlake
3rd; Jon Bosak
Subject: Signed in parts. Re: XML-Signatures Requirements Last Call



-----Original Message-----
From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Friday, August 20, 1999 4:35 PM
Subject: XML-Signatures Requirements Last Call


>http://www.w3.org/TR/xmldsig-requirements



I am concerned (now after much thought) about the impact of
the requirement 3.1.3
"XML-signatures must be able to apply to a part or totality of a XML
document [Charter, Brown]"
I was a great advocate of that, but since I have been studying the
relationship between
a document and its semantics.

 My concern is that the semantics of any XML element
is totally dependent upon its enclosing context.  Think of a document as an
expression.
What does signing part of a document mean?  If it means signing a virtual
document
formed by stripping out (in a well defined way) everything which is not
signed, then
I understand it.  I think that definition can work but must be explicit.
If it means taking responsibility for certain parts only in context, then I
don't.
The outer surrounding context can invalidate, negate, or transform the
meaning of the
child elements in any way.

Maybe this has been addressed, in which case I apologize for bringing it up
again.

Tim Berners-Lee

xml-plenary group

PS:  For example, in my investigations into extending RDF to logic, in
http://www.w3.org/DesignIssues/Toolbox
defines an "RDF-transparent" property of an XML element which allows RDF to
be taken out of context
but cannot be assumed.
Received on Wednesday, 8 September 1999 16:32:47 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:07 GMT