W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

AW: AW: Re[2]: Omitting Location and Transforms from SignedIn

From: Peter Lipp <Peter.Lipp@iaik.at>
Date: Thu, 18 Nov 1999 17:11:48 +0100
To: <rhimes@nmcourt.fed.us>, <w3c-ietf-xmldsig@w3.org>, <jboyer@uwi.com>, <gwhitehead@signio.com>
Message-ID: <NDBBLDEHJKOODMJCNBNCKEALCOAA.Peter.Lipp@iaik.at>
> We are allowing the signed object to be internal or external to a
> document.  Are you disagreeing with this?
No, I am not.

> Should the object always be imbedded in the
> <Signature> element?  If not, don't you have to locate it?
What I was saying that I see more often the reason to locate the signature
to a given object

> or at least we should allow for it.  Suppose I make a statement that "The
> document at www.xxx.com/PG is suitable reading for children".  I
This is fine, but I would rarely go and check your signature in such cases
if I did not want to know about www.xxx.com in the first place. If I happen
to find your signature laying around, I would not go off to check the page
out of curiosity if your signature verifies or not.

What I was aiming at was that the workflow would more often move from the
document to the signature than the other way round.

Peter




Received on Thursday, 18 November 1999 11:11:54 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT