Suggested Corrections to 10/20/99 WD from Richard Himes on 1999-10-21 (w3c-ietf-xmldsig@w3.org from October to December 1999)

From: Richard Himes <rhimes@nmcourt.fed.us>
Date: Thu, 21 Oct 1999 13:29:13 -0600
To: w3c-ietf-xmldsig@w3.org
Message-ID: <380F6988.4EA7EC3E@nmcourt.fed.us>

Following are suggested corrections to the 10/20/99 WD.  In some cases,
I have enclosed text to be removed in square brackets [ ] and text to be
added in curly braces { } for brevity.   I’m using “p” to mean paragraph
here.

last paragraph of 1.0 “including a method[s]”

p 5 of 1.1 “algor[ith]ithms”

p 6 of 1.3.1 “as show{n} above”

1.3.3 “(CanonicalizationAlgorithm)[?]” (4.0/1 says this is mandatory)

last para 1.3.3 “is applied{,} results”

last para 1.3.4  I don’t understand what “asserts the equivalence of”
means.

3.0 ELEMENT statement contains a mismatched right parenthesis

4.0 ATTLIST should be “id”, not “Id”

p 1 of 4.1 “a[n] URI”   (I thought you might be pronouncing this
phonetically, but elsewhere, “a URI” is used)

last of 4.1 “may be replace{d}”

p 1 of 4.3.1 “this approach might be used in associated a signature with
a lightweight protocol data unit”  (I can’t parse this sentence)

4.3.2 ELEMENT has CDATA, comment refers to its PCDATA

p 1 of 4.3.3 SignedInfo instead of signedinfo
p 1 of 4.3.3 Should encode be decode?  Don’t we want to decode (base64)
as the transformation and sign the raw binary?  Also, encoding is listed
twice in the sequence
“encoding, canonicalization, XPointer, XSLT, filtering, encoding”

p 1 of 4.3.3  “In addition[a]”

p 3 or 4.3.3  I don’t understand the last two sentences of this
paragraph.  Is this confusing to anyone else?  I think my main problem
is the way the term “content” is used, and why its processing depends on
whether the transformation is well known or not.

4.3.3 perhaps the Encoding transform should be called Decoding, since
that is the transform we are performing, I believe.

4.3.5 DigestValue, not digestvalue

7.2.1 “a[n] 20-octet [octet]

7.4.2 “<insert example here>”

7.5.1 “For many applications, one of the other canonicalization
algorithms will be more appropriate.”  Is this sentence necessary?

p 1 of 7.6.1 subject-verb mismatch

Last para of 7.6.2 “input (…) is base-64 decoded”
Shouldn’t the input to the transform be encoded, since the algorithm
decodes it?

8.1 step 5 refers to step “d”?
8.2 step 6 refers to steps “d” and “e”?

10.0 Example
timestamp has xmlsn instead of xmlns
KeyInfo is closed with /keyinfo instead of /KeyInfo

Replace all SignatureAlg with SignatureAlgorithm
Replace all CanonicalizationAlg with CanonicalizationAlgorithm

Thanks,
Rich Himes

Received on Thursday, 21 October 1999 15:29:41 UTC