Joseph: Your definition of KeyInfo is information related to the generation of the signature. Mine is that KeyInfo is information required by the verifier of a signature. There are several forms, like KeyName, that illustrate that it's not intended to be used in the generation of a signature. Also, in your choice between: "A. Non cryptographic electronic signatures should place their "validating" information in SignatureProperties, or B. Non cryptographic electronic signatures can not use XML Signature syntax what-so-ever. (Specifying this would be difficult as we would then have to enumerate all the algorithms that may be used, or all those that may not, and it's difficult to enforce.)" I believe we should clearly state that compliance with this standard requires that a cryptographic signature MUST be generated (or verified.) If the producer of a cryptographically signed XML document wishes to add an electronic signature, it should be included as a SignatureProperty. --BarbReceived on Monday, 5 June 2000 20:29:43 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT