W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

Re: SignedInfo Type Attribute

From: Gregor Karlinger <Gregor.Karlinger@iaik.at>
Date: Tue, 21 Dec 1999 07:22:55 +0100
Message-ID: <385F1CBF.2AFA9A69@iaik.at>
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
CC: w3c-ietf-xmldsig@w3.org
"Donald E. Eastlake 3rd" wrote:
> I do not understand what problem you see.  Core signature
> verification, in the example you give, would require that the Manifest
> be fetched, digested, and this digest checked again the DigestValue in
> Reference in SignedInfo.  In that regard it is of no partciular
> significant that it happens to be a Manifest as opposed to plain data.
> However, many applications will want to further vefify the digests
> inside Manifests, perhaps recursively to many levels.

So I conclude the following (please tell me if I am wrong):

If the Type attribute of Reference indicates a manifest, but the URI
attribute does not refer to a XML-Document which root element is a 
manifest, that is an application problem and does not touch core 
behaviour, i.e. the correctness of the type attribute is not checked
by core behaviour.


Gregor Karlinger
Institute for Applied Information Processing and Communications

Received on Tuesday, 21 December 1999 01:22:45 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:32 UTC