W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

Re: Signature definitions

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Mon, 10 Jan 2000 16:31:52 -0500
Message-Id: <>
To: "John Boyer" <jboyer@uwi.com>
Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
At 09:45 00/01/10 -0800, John Boyer wrote:
 >These comments are based on the text in [1].
 >[1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000104/
 >The definition for Enveloping Signature seems too constraining.  Current
 >SIGNATURE, ENVELOPING: The signature is over content found within the
 >signature itself in an Object element. The Object is typically identified
 >IDREF (though a transform could be used), and the enveloping Signature
 >element is typically used to provide the root document element.

I agree with your point here.

 >The definition of detached signature also seems too constraining.  Current
 >The signature is over external content identified via a URI. Cosequently,
 >the signature is "detached" from the content it signs.
Ok, when I wrote these I was thinking if you used a URI to some other
resource, it was obviously a detached signature, if it was in the same
document it was either enveloped or enveloping:



You are speaking of the case of

<some element>
</some element>

Even though they are in the same document, I think I agree that the best
match (instead of creating a new name for it) would be to call it a detached
signature -- even though they appear in the same document.

 >SIGNATURE, DETACHED: The signature is over content external to the
 >element, which can be identified via a URI, IDREF, or transform.
 >Consequently, the signature is "detached" from the content it signs.

Joseph Reagle Jr.   
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Monday, 10 January 2000 16:31:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:33 UTC