Hello, I had a question/comment about Section 3.2.1, Reference Validation. The steps listed are to be performed for each <Reference> element. Step 1 says we should canonicalize <SignedInfo> first. Yet, if we do this for every <Reference> element we are running the canonicalization algorithm N-1 extra times where N is the number of <Reference> elements in <SignedInfo>. Shouldn't one run of C14N be enough to canonicalize the signed info? Why do it every time? Are we expecting the structure of <Reference> to change as we are validating the signature? Blake Dournaee Toolkit Applications Engineer RSA Security "The only thing I know is that I know nothing" - SocratesReceived on Monday, 2 July 2001 23:50:30 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:13 GMT