- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 10 Jan 2000 16:31:52 -0500
- To: "John Boyer" <jboyer@uwi.com>
- Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
At 09:45 00/01/10 -0800, John Boyer wrote:
>These comments are based on the text in [1].
>
>[1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000104/
>
>The definition for Enveloping Signature seems too constraining. Current
>definition:
...
>SIGNATURE, ENVELOPING: The signature is over content found within the
>signature itself in an Object element. The Object is typically identified
by
>IDREF (though a transform could be used), and the enveloping Signature
>element is typically used to provide the root document element.
I agree with your point here.
>The definition of detached signature also seems too constraining. Current
>definition:
>
>The signature is over external content identified via a URI. Cosequently,
>the signature is "detached" from the content it signs.
Ok, when I wrote these I was thinking if you used a URI to some other
resource, it was obviously a detached signature, if it was in the same
document it was either enveloped or enveloping:
<enveloped>
<signature/>
</envoloped>
<signature>
<object>
<enveloping/>
</object>
</signature>
You are speaking of the case of
<some element>
<signature/>
<signedobject/>
</some element>
Even though they are in the same document, I think I agree that the best
match (instead of creating a new name for it) would be to call it a detached
signature -- even though they appear in the same document.
>SIGNATURE, DETACHED: The signature is over content external to the
Signature
>element, which can be identified via a URI, IDREF, or transform.
>Consequently, the signature is "detached" from the content it signs.
_________________________________________________________
Joseph Reagle Jr.
Policy Analyst mailto:reagle@w3.org
XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Monday, 10 January 2000 16:31:57 UTC