W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

Re: SignedInfo Type Attribute

From: Gregor Karlinger <Gregor.Karlinger@iaik.at>
Date: Tue, 21 Dec 1999 07:22:55 +0100
Message-ID: <385F1CBF.2AFA9A69@iaik.at>
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
CC: w3c-ietf-xmldsig@w3.org
"Donald E. Eastlake 3rd" wrote:
> 
> I do not understand what problem you see.  Core signature
> verification, in the example you give, would require that the Manifest
> be fetched, digested, and this digest checked again the DigestValue in
> Reference in SignedInfo.  In that regard it is of no partciular
> significant that it happens to be a Manifest as opposed to plain data.
> However, many applications will want to further vefify the digests
> inside Manifests, perhaps recursively to many levels.

So I conclude the following (please tell me if I am wrong):

If the Type attribute of Reference indicates a manifest, but the URI
attribute does not refer to a XML-Document which root element is a 
manifest, that is an application problem and does not touch core 
behaviour, i.e. the correctness of the type attribute is not checked
by core behaviour.

Gregor

-- 
---------------------------------------------------------------
Gregor Karlinger
mailto://gregor.karlinger@iaik.at
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------



Received on Tuesday, 21 December 1999 01:22:45 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT