W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

RE: C14N: Non-absolutized URIs

From: Martin J. Duerst <duerst@w3.org>
Date: Tue, 12 Sep 2000 11:19:54 +0900
Message-Id: <4.2.0.58.J.20000912111754.033eee70@sh.w3.mag.keio.ac.jp>
To: "John Boyer" <jboyer@PureEdge.com>, "Jonathan Marsh" <jmarsh@microsoft.com>, <w3c-ietf-xmldsig@w3.org>
Cc: <w3c-xsl-wg@w3.org>
At 00/09/11 17:03 -0700, John Boyer wrote:
><jonathan>
>No, the fact that XPath permits application-dependent behavior means only
>that the plenary has forced it (along with all other groups) to accept
>application-depedent behavior.
></jonathan>
>
><john>Right, and as an application of XPath, we are choosing the behavior
>that is most appropriate to our application.  No matter how much the plenary
>wants to force things on dsig, there is nothing they can do to change the
>behavior of a sha-1 hash.  We MUST have a single behavior, therefore we MUST
></john>

No, if you follow the recommendation of the plenary (which I think you should
do), then the right way is to say that relative URI's behaviour is undefined,
and that they therefore should not be used for signatures. C14N applications
may/should/must issue a warning when they find one of these when the are
used to prepare for signing.


Regards,   Martin.
Received on Monday, 11 September 2000 22:31:02 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT