W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2000

Default transforms

From: Petteri Stenius <Petteri.Stenius@remtec.fi>
Date: Mon, 5 Jun 2000 11:26:46 +0300
Message-ID: <CD0FF8F92CA8D311B9AB00105A14D5570B1133@server.remtec.fi>
To: "'TAMURA Kent'" <kent@trl.ibm.co.jp>, "IETF/W3C XML-DSig WG (E-mail)" <w3c-ietf-xmldsig@w3.org>
Cc: "Joseph M. Reagle Jr." <reagle@w3.org>

I think the spec is rather unclear on what to do when the Transforms element
is missing from a reference. 

Chapter 2.1.1 of [1] reads:

"[s06-08] Transforms is an optional ordered list of processing steps that
were applied to the resource's content before it was digested. Transforms
can include operations such as canonicalization, encoding/decoding
(including compression/inflation), XSLT and XPath. XPath transforms permit
the signer to derive an XML document that omits portions of the source
document. Consequently those excluded portions can change without affecting
signature validity. For example, if the resource being signed encloses the
signature itself, such a transform must be used to exclude the signature
value from its own computation. If no Transforms element is present, the
resource's content is digested directly. While we specify mandatory (and
optional) canonicalization and decoding algorithms, user specified
transforms are permitted."

Chapter 4.3.3 of [1] reads:

"[URI] permits identifiers that specify a fragment identifier via a
separating number/pound symbol '#'. (The meaning of the fragment is defined
by the resource's MIME type). XML Signature applications MUST support the
XPointer 'bare name' [Xptr] shortcut after '#' so as to identify IDs within
XML documents. The results are serialized as specified in section
6.6.3:XPath Filtering. For example,"


My interpretation of 2.1.1 is that there is *no* default serialization or
canonicalization algorithm. But reading 4.3.3 would suggest that XPath is
used by default.

Any ideas?

Petteri


[1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000601/
Received on Monday, 5 June 2000 04:26:40 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT