W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

RE: DateTime (DT) attribute in Reference

From: Amir Herzberg <AMIR@newgenpay.com>
Date: Sun, 8 Jul 2001 09:37:07 +0300
Message-ID: <078EE8822DCFD411AAA1000629D56ADC0B7D3E@IMP01>
To: "Dsig (E-mail)" <w3c-ietf-xmldsig@w3.org>
Tom said, and I agree, that:

...
> If one wanted to construct an Object with this function
> it would have to have both a time and the ID of the Reference (thus
> requiring that the Reference have an ID).

And in fact that is what Merlin have proposed: 

> >>>  <SignedInfo>
> >>>    <Reference ID="foo" ...>
> >>>    ...
> >>>  </SignedInfo>
> >>>  ...
> >>>  <SignatureProperty>
> >>>    <DateTime Target="#foo" Value="..." />

I agree with Merlin, that this is a feasible solution, without breaking or
extending the spec, which is a good thing. However, like Don, I also think
this is not a perfect solution. In particular, it seems to require much more
complex processing, and is quite an artificial trick - SignedInfo purpose is
for properties of the entire signature, not of one reference; using ID and
Target is really a work-around. 

The solution I do like is to add a simple DT attribute. Like Merlin said, I
could simply do it for my application: 
> >>>I suspect you might also be able to define a DT
> >>>attribute in an external namespace and add it to
> >>>references without changing the existing model.

Well, not only I am able to do so, we actually do so... but... I think we
try to include such mechanisms in the spec, not make people do them by
extending... The requirement is very general and not specific to my case
(and furthermore the application I'm developing is also of potential general
use - Secure XML Transport Protocol aka SeXTP). 

So... can we add it? Or is there a better solution? 

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc.  
http://www.newgenpay.com/Amir/Herzberg.htm
SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il
Received on Sunday, 8 July 2001 02:33:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC