W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

RE: SignedInfo c14nAlg

From: Greg Whitehead <gwhitehead@signio.com>
Date: Fri, 8 Oct 1999 09:16:29 -0700
Message-ID: <6B962A1EE646D31193270008C7A4BAB5093386@mail.paymentnet.com>
To: w3c-ietf-xmldsig@w3.org
I agree completely!


-----Original Message-----
From: Donald E. Eastlake 3rd [mailto:dee3@torque.pothole.com]
Sent: Thursday, October 07, 1999 9:46 PM
To: w3c-ietf-xmldsig@w3.org
Cc: dee3@us.ibm.com
Subject: SignedInfo c14nAlg

The latest draft tweak required the SignedInfo c14nAlg element to be
present.  The more I think about this the more I think that rather
than being mandatory, this element should just be eliminated.  We know
and are specifying the syntax and processing of SignedInfo.  I see no
reason not to just specify thorough canonicalization, such as "DOM
Canon".  True, this is not necessary in some benign environments.  In
some static binary clean environments, you might even be able to get
away with Null canonicalization of SignedInfo.  But we know and are
specifying enough about SignedInfo that we can assure that thorough
canonicalization will not hurt Signatures now or in the future.  And
such canonicalization might be necessary to make some signatures
robust enough to not break when they are processed through more
obstreperous environments.  In other words, I don't see enough of a
downside to make it worth the additional complexity of having to
specify the SignedInfo c14nAlg.

 Donald E. Eastlake 3rd   +1 914-276-2668     dee3@torque.pothole.com
 65 Shindegan Hill Road, RR#1  +1 914-784-7913(work)  dee3@us.ibm.com
 Carmel, NY 10512 USA
Received on Friday, 8 October 1999 12:16:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:32 UTC