- From: John Boyer <jboyer@uwi.com>
- Date: Wed, 1 Dec 1999 08:59:33 -0800
- To: "Phillip M Hallam-Baker" <pbaker@verisign.com>
- Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
Hi Phil, -----Original Message----- From: w3c-ietf-xmldsig-request@w3.org [mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of Phillip M Hallam-Baker Sent: Monday, November 29, 1999 7:54 AM To: Tim Berners-Lee; John Boyer; Joseph M. Reagle Jr. Cc: Donald E. Eastlake 3rd; Dave Solo; DSig Group Subject: RE: Simplified Syntax (The Crux of the Matter!) That that bit stream may represent a document ABDE = F(ABCDE, C) is irrelevant. The signature makes no statement concerning ABCDE, it is only the bit stream representing the document that is authenticated. <John> Ah, now I see that you have indeed missed the point. Yes, ABDE does in fact contain a very precise statement about ABCDE. That is what I am trying to get you to understand. If the document ABDE contains a clear, precisely stated *signed* assertion that the signature on the document containing ABDE is broken if there is any change other than the addition of a particular C between B and D, then it very much matters whether the document is ABCDE or ABXDE since the former will cause ABDE to be passed to the digest algorithm and the latter will cause ABXDE to be passed to the digest algorithm. And, by the way, the W3C recommended XPath is that precise language from which the wider community can be assured that security will flow in abundance (via omission logic XPath transforms). John Boyer Software Development Manager UWI.Com -- The Internet Forms Company </John>
Received on Wednesday, 1 December 1999 12:01:44 UTC