RE: rewrite of requirements 3.2.2 from John Boyer on 1999-09-27 (w3c-ietf-xmldsig@w3.org from July to September 1999)

From: John Boyer <jboyer@uwi.com>
Date: Mon, 27 Sep 1999 13:08:16 -0700
To: <rdbrown@Globeset.com>, <dee3@us.ibm.com>
Cc: <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBLAOMJKOFPMBCHJOIEEGJCBAA.jboyer@uwi.com>

-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Richard D. Brown
Sent: Monday, September 27, 1999 10:51 AM
To: 'John Boyer'; dee3@us.ibm.com
Cc: w3c-ietf-xmldsig@w3.org
Subject: RE: rewrite of requirements 3.2.2

John,

Are we trying to say something like:

"It shall be possible to embed an XML Signature element at any location
within an XML document and to specify the scope of the signature
independently of such location."

<John>
Other than a minor tweak or two, the part I added was "The intent is that
the root element tag remain invariant under the operation of signature
creation, and that the descendancy tree of the root element remain unchanged
except for the addition of signature element(s) in places permitted by the
XML extension language."

I think this actually does say what is above but also is explicit about two
things that seem to have been important to WG members.  The first is
important to others and me:  I am quite in favor of having the requirement
explicitly mention the part about the root element not changing.  My
perception is that many systems will view signature as a method to be
invoked on a document, which will change information within or add
information to that document.  The root element identifies what type of
document I have, and that shouldn't change just because a signature has been
affixed.  The second point seems to have been important to others:  one can
only add the signature element(s) in places allowed by the language (i.e. by
its DTD).  This did not concern me personally, though, because it seemed to
me that the application has to insert the signature element within the
document before any behavior suggested by our spec for signature creation
can begin.  If the application, with full knowledge of its own DTD, cannot
figure out where to put the signature element, then the application has a
problem.

Nonetheless, since it is important to some, we may as well say it since it
is what we mean (and inevitable) anyway.

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company
</John>

Sincerely,

Richard D. Brown

> -----Original Message-----
> From: John Boyer [mailto:jboyer@uwi.com]
> Sent: Monday, September 27, 1999 12:32 PM
> To: rdbrown@Globeset.com; dee3@us.ibm.com; w3c-ietf-xmldsig@w3.org
> Subject: RE: rewrite of requirements 3.2.2
>
>
> Hi Richard,
>
> Since this one seems to matter a lot to me, how about
> something like this:
>
> 2. It must be easy to specify XML documents that contain
> signatures.  For
> XML signatures, it must be easy to specify the material that
> is signed such
> that signatures can be inserted within a document and cover
> all or part of
> the document outside of the inserted signature.  The intent
> is that the root
> element tag remain invariant under the operation of signature
> creation.
>
> John Boyer
> Software Development Manager
> UWI.Com -- The Internet Forms Company
>

Received on Monday, 27 September 1999 16:07:38 UTC