W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

Re: Signature definitions

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Mon, 10 Jan 2000 16:31:52 -0500
Message-Id: <3.0.5.32.20000110163152.009d7aa0@localhost>
To: "John Boyer" <jboyer@uwi.com>
Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
At 09:45 00/01/10 -0800, John Boyer wrote:
 >These comments are based on the text in [1].
 >
 >[1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000104/
 >
 >The definition for Enveloping Signature seems too constraining.  Current
 >definition:
 ...
 >SIGNATURE, ENVELOPING: The signature is over content found within the
 >signature itself in an Object element. The Object is typically identified
by
 >IDREF (though a transform could be used), and the enveloping Signature
 >element is typically used to provide the root document element.

I agree with your point here.

 >The definition of detached signature also seems too constraining.  Current
 >definition:
 >
 >The signature is over external content identified via a URI. Cosequently,
 >the signature is "detached" from the content it signs.
 
Ok, when I wrote these I was thinking if you used a URI to some other
resource, it was obviously a detached signature, if it was in the same
document it was either enveloped or enveloping:

<enveloped>
  <signature/>
</envoloped>

<signature>
  <object>
      <enveloping/>
  </object>
</signature>

You are speaking of the case of

<some element>
   <signature/>
   <signedobject/>
</some element>

Even though they are in the same document, I think I agree that the best
match (instead of creating a new name for it) would be to call it a detached
signature -- even though they appear in the same document.

 >SIGNATURE, DETACHED: The signature is over content external to the
Signature
 >element, which can be identified via a URI, IDREF, or transform.
 >Consequently, the signature is "detached" from the content it signs.


_________________________________________________________
Joseph Reagle Jr.   
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Monday, 10 January 2000 16:31:57 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT