- From: <rhimes@nmcourt.fed.us>
- Date: Mon, 22 Nov 1999 17:42:47 -0700
- To: <w3c-ietf-xmldsig@w3.org>
- Message-Id: <9911229433.AA943318140@nmcourt.fed.us>
Please disregard. I understand Mark's point now and posted a more accurate response in my last post. I now think we should allow a few specific unsigned transforms (e.g. base64-decode the content of an element), but not generic ones. Thanks, Rich ____________________Reply Separator____________________ Subject: Re:RE: 991118 Telecon Minutes Author: <w3c-ietf-xmldsig@w3.org> Date: 11/22/99 5:58 PM John, >In general, arbitrary transforms should not be omitted from (or allowed >outside of) SignedInfo. Mark Bartel has a fine email that runs through an >example of why this is so. The way I read Mark's example, the output of the spoof transform would fail signature validation, so I'm still not convinced that signing transforms buys anything. Anything goes if we aren't validating. I view transforms (including c14n) as being very closely related to locations. Both are windows that allow us to see through to the signed bits. Those signed bits can be passed through new windows, but that's OK as long as you can specify a way (a new "path" of windows) to get back to them. Thanks, Rich
Attachments
- text/plain attachment: RFC822.TXT
Received on Monday, 22 November 1999 19:48:55 UTC