At 00/09/11 17:03 -0700, John Boyer wrote: ><jonathan> >No, the fact that XPath permits application-dependent behavior means only >that the plenary has forced it (along with all other groups) to accept >application-depedent behavior. ></jonathan> > ><john>Right, and as an application of XPath, we are choosing the behavior >that is most appropriate to our application. No matter how much the plenary >wants to force things on dsig, there is nothing they can do to change the >behavior of a sha-1 hash. We MUST have a single behavior, therefore we MUST ></john> No, if you follow the recommendation of the plenary (which I think you should do), then the right way is to say that relative URI's behaviour is undefined, and that they therefore should not be used for signatures. C14N applications may/should/must issue a warning when they find one of these when the are used to prepare for signing. Regards, Martin.Received on Monday, 11 September 2000 22:31:02 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:11 GMT