W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: further revised RetrievalMethod

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Thu, 07 Sep 2000 13:34:52 -0400
Message-Id: <4.3.2.7.2.20000907132844.00b58210@rpcp.mit.edu>
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
At 13:30 9/7/2000 -0400, Donald E. Eastlake 3rd wrote:
>I think Type should be mandatory.  People who have defined their own
>KeyInfo data element can easily construct a type for it.

Of course, but what if they don't like the type mechanism and they prefer to 
rely upon the namespace in the XML instance? What happens if they want to 
rely upon the HTTP header to carry that information? What happens if the 
type KeyInfo object changes (a newer version with a tweaked namespace) and 
while they want the URIof the KeyInfo signed, they don't want its Type 
signed and consequently don't have the ability to change it? Since we aren't 
specifying any MANDATORY application behavior with respect to type, why 
REQUIRE the syntax?

I'm not wondering if it's easy to do, I'm wondering what requiring it 
benefits?



_________________________________________________________
Joseph Reagle Jr.
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Thursday, 7 September 2000 13:34:57 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT