W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

RE: Simplified Syntax (The Crux of the Matter!)

From: John Boyer <jboyer@uwi.com>
Date: Wed, 1 Dec 1999 08:59:33 -0800
To: "Phillip M Hallam-Baker" <pbaker@verisign.com>
Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBLAOMJKOFPMBCHJOIIEHOCCAA.jboyer@uwi.com>
Hi Phil,

-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Phillip M
Hallam-Baker
Sent: Monday, November 29, 1999 7:54 AM
To: Tim Berners-Lee; John Boyer; Joseph M. Reagle Jr.
Cc: Donald E. Eastlake 3rd; Dave Solo; DSig Group
Subject: RE: Simplified Syntax (The Crux of the Matter!)


That that bit stream may represent a document ABDE = F(ABCDE, C) is
irrelevant.

The signature makes no statement concerning ABCDE, it is only the bit stream
representing the document that is authenticated.

<John>
Ah, now I see that you have indeed missed the point.  Yes, ABDE does in fact
contain a very precise statement about ABCDE.  That is what I am trying to
get you to understand. If the document ABDE contains a clear, precisely
stated *signed* assertion that the signature on the document containing ABDE
is broken if there is any change other than the addition of a particular C
between B and D, then it very much matters whether the document is ABCDE or
ABXDE since the former will cause ABDE to be passed to the digest algorithm
and the latter will cause ABXDE to be passed to the digest algorithm.

And, by the way, the W3C recommended XPath is that precise language from
which the wider community can be assured that security will flow in
abundance (via omission logic XPath transforms).

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company
</John>
Received on Wednesday, 1 December 1999 12:01:44 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT