- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Wed, 05 Jul 2000 16:12:56 -0400
- To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
I've been trying to figure out if we could go to REC prior to the Schema specification reaching REC. To that end, one runs into the question of whether there is a normative reference dependency? This also relates to the following point in the STATUS: 3. Ensure that if the syntax constraints of section 7.1 are followed, a validating parser is not needed. http://www.w3.org/TR/2000/WD-xmldsig-core-20000601/ A few more philosophical questions include: 1. Must you implement schema in order to implement Signature? Generally, no. 2. If schema dramatically changed, would that change signature processing/results? Generally, no, the Signature Syntax would be the same. 3. If there's an error in the schema specification, would that change signature processing/results? Generally, no, but perhaps .. However, the concrete question I want to ask this WG is are we using schema merely in a descriptive capacity, or do we expect the content models to be checked and instances validated? We aren't using that many schema features (nor do we use the ones we employ very restrictively...) HOWEVER our present schema precludes one from including content that we haven't specified in SignedInfo (as does the DTD). Consequently, if a Signature application encountered a Signature with external content (even if namespace qualified) in SignedInfo, that Signature should be invalid. It would only know it is invalid if it had the DTD/Schema, consequently, a schema validating parser is REQUIRED. Right? _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Wednesday, 5 July 2000 16:13:56 UTC