At 18:24 8/29/2000 +0000, Brian LaMacchia wrote: >What should the verifier do in this case? Should it: >a) follow the redirect URL to get the content to feed into the set of >transforms? Ok, I added a sentence in section 4.3.3; the paragraph now reads: XML Signature applications MUST be able to parse URI syntax. We RECOMMEND they be able to dereference URIs in the HTTP scheme. Dereferencing a URI in the HTTP scheme MUST comply with the Status Code Definitions of [HTTP] (e.g., 302, 305 and 307 redirects are followed to obtain the entity-body of a 200 status code response). Martin, you suggested the following: If a resource is identified by more than one URI, the most specific should be used (e.g. http://www.w3.org/2000/06/interop-pressrelease.html.en instead of http://www.w3.org/2000/06/interop-pressrelease). (See the section 3.2.1:Reference Validation for a further information on reference processing.) but given the above, is this where a few URLs are known by the application, or where this is an HTTP 300 Mutliple Choices response? _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/Received on Thursday, 7 September 2000 19:34:31 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT