- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Sun, 8 Jul 2001 09:37:07 +0300
- To: "Dsig (E-mail)" <w3c-ietf-xmldsig@w3.org>
Tom said, and I agree, that: ... > If one wanted to construct an Object with this function > it would have to have both a time and the ID of the Reference (thus > requiring that the Reference have an ID). And in fact that is what Merlin have proposed: > >>> <SignedInfo> > >>> <Reference ID="foo" ...> > >>> ... > >>> </SignedInfo> > >>> ... > >>> <SignatureProperty> > >>> <DateTime Target="#foo" Value="..." /> I agree with Merlin, that this is a feasible solution, without breaking or extending the spec, which is a good thing. However, like Don, I also think this is not a perfect solution. In particular, it seems to require much more complex processing, and is quite an artificial trick - SignedInfo purpose is for properties of the entire signature, not of one reference; using ID and Target is really a work-around. The solution I do like is to add a simple DT attribute. Like Merlin said, I could simply do it for my application: > >>>I suspect you might also be able to define a DT > >>>attribute in an external namespace and add it to > >>>references without changing the existing model. Well, not only I am able to do so, we actually do so... but... I think we try to include such mechanisms in the spec, not make people do them by extending... The requirement is very general and not specific to my case (and furthermore the application I'm developing is also of potential general use - Secure XML Transport Protocol aka SeXTP). So... can we add it? Or is there a better solution? Best regards, Amir Herzberg CTO, NewGenPay Inc. http://www.newgenpay.com/Amir/Herzberg.htm SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il
Received on Sunday, 8 July 2001 02:33:29 UTC