W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

Re: Enveloped-signature games with pre-c14n

From: merlin <merlin@baltimore.ie>
Date: Fri, 24 Aug 2001 14:16:54 +0100
To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Cc: w3c-ietf-xmldsig@w3.org, Joseph Reagle <reagle@w3.org>
Message-Id: <20010824131655.0417143BF6@yog-sothoth.ie.baltimore.com>

Hi Christian, It is. Your statement merely disallowed
certain transforms, not certain URIs. -- Merlin

r/geuer-pollmann@nue.et-inf.uni-siegen.de/2001.08.24/13:26:01
>Hi Merlin
>
>But if I apply #enveloped-signature #xpath with here()-usage to a non-local =
>
>URI, this is an error, isn't it?
>
>--On Freitag, 24. August 2001 09:12 +0100 merlin <merlin@baltimore.ie> =
>wrote:
>
>> That doesn't cover the case of applying the transform to a non-local URI.
>> At most, a sentence saying that enveloped signature cannot be applied to
>> a resource other than a node set from the original signature document.
>> Given that the usage seems nonsensical, I'm not sure that even this is
>> really necessary.
>>>> If you perform c14n/reparse, then you have a new document.
>>>
>>> Sorry fo bugging again. Could this be done by saying in the spec:
>>>
>>>   "It's not possible to apply Transforms that produce octet
>>>    stream output (like base64 or c14n) prior to
>>>    #enveloped-signature transform or an #xpath transform
>>>    that uses the here() function."
>>>
>>> Would this make sense?
>>>
>>> Christian
>>>
>>
>>
>> -------------------------------------------------------------------------
>> ---- Baltimore Technologies plc will not be liable for direct,  special,
>> indirect  or consequential  damages  arising  from  alteration of  the
>> contents of this message by a third party or as a result of any virus
>> being passed on.
>>
>> In addition, certain Marketing collateral may be added from time to time
>> to promote Baltimore Technologies products, services, Global e-Security =
>or
>> appearance at trade shows and conferences.
>>
>> This footnote confirms that this email message has been swept by
>> Baltimore MIMEsweeper for Content Security threats, including
>> computer viruses.
>>    http://www.baltimore.com
>>
>
>
>
>
>
>
>Mit freundlichen Gr=FC=DFen,
>
>Christian Geuer-Pollmann
>
>
>--------------------------------------------------------------------------
>Institute for Data Communications Systems             University of Siegen
>Hoelderlinstrasse 3                 D-57068 Siegen                 Germany
>
>mail:  mailto:geuer-pollmann@nue.et-inf.uni-siegen.de
>web:  <http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/>
>
Received on Friday, 24 August 2001 09:17:39 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC