W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

RE: Omitting Location and Transforms from SignedInfo

From: <david.solo@citicorp.com>
Date: Wed, 17 Nov 1999 17:00:54 -0500
Message-Id: <H0000cc404c04a74@MHS>
TO: w3c-ietf-xmldsig@w3.org
Jim's interpretation is exactly what I was trying to convey in the processing 
description.  I agree that adding clarification to make this more explicit 
would be a good idea (particularly in the ObjectReference section).

Dave

> -----Original Message-----
> From: reagle [mailto:reagle@w3.org]
> Sent: Wednesday, November 17, 1999 4:26 PM
> To: jimsch
> Cc: reagle; w3c-ietf-xmldsig
> Subject: RE: Omitting Location and Transforms from SignedInfo
> 
> 
> At 13:12 99/11/17 -0800, Jim Schaad (Exchange) wrote:
>  >3.  The current wording of the document says:
>  >
>  >    1. locate object and apply Transforms  to the specified resource
>  >       based on each ObjectReference(s) in the SignedInfo 
> element.  Each
>  >       transform is applied in order from left to right to 
> the object
>  >       with the output of each transform being the input to 
> the next.
>  >
>  >This does not imply in my mind that the location is the 
> only place that the
>  >object can come from.  It merely says find the bytes for the object.
> 
> Jim,
> 
> I had read this differently (and as I said I didn't like the 
> result of the
> way I read it). But reading it as you do (which I think is 
> probably the
> right way on hindsight) I'd agree that the current syntax is 
> sufficient. In
> the next version of the specification we should be clearer 
> that it is not
> necessary that the URL be dereferenced from the network for 
> the resource to
> validate only that some content when transformed (and perhaps 
> that content
> was pulled from a cache) yields the digest value.
> 
> 
> _________________________________________________________
> Joseph Reagle Jr.   
> Policy Analyst           mailto:reagle@w3.org
> XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
> 


Received on Wednesday, 17 November 1999 17:01:45 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT