- From: John Boyer <jboyer@uwi.com>
- Date: Mon, 10 Jan 2000 09:45:12 -0800
- To: "Joseph M. Reagle Jr." <reagle@w3.org>
- Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
These comments are based on the text in [1]. [1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000104/ The definition for Enveloping Signature seems too constraining. Current definition: The signature is over content found within the signature itself via an IDREF to an Object element. The Signature provides the root XML document element. It does not seem necessary to say that the content must be found with an IDREF. The Object element containing the content may be identified by a transform. Also, the enveloping signature need not provide the document root, though clearly that is the principal reason for the enveloping signature.Proposed definition: SIGNATURE, ENVELOPING: The signature is over content found within the signature itself in an Object element. The Object is typically identified by IDREF (though a transform could be used), and the enveloping Signature element is typically used to provide the root document element. The definition of detached signature also seems too constraining. Current definition: The signature is over external content identified via a URI. Cosequently, the signature is "detached" from the content it signs. The content external to the signature may be within the same document and hence identified either by IDREF or by a transform. A detached signature is very much like an enveloped signature (in construction) except that an enveloped signature includes the signature element as content. Proposed definition: SIGNATURE, DETACHED: The signature is over content external to the Signature element, which can be identified via a URI, IDREF, or transform. Consequently, the signature is "detached" from the content it signs. John Boyer Software Development Manager UWI.Com -- The Internet Forms Company
Received on Monday, 10 January 2000 12:48:35 UTC