W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

RE: Why is the Target attribute in SignatureProperty required?

From: Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
Date: Mon, 27 Aug 2001 15:30:40 +0200
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Cc: "XMLSigWG" <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBJJNFOMNNKFDPLCDJOEJCCLAA.Karl.Scheibelhofer@iaik.at>
sorry, i canot follow your argumentation.
if my SignedProperties is inside the Object element of a signature, i really
do not need this reference. even though, i must set it, because it is
required (however, the ID of the signature itself is optional).
if the target is present, the application must nevertheless check if this
SignedProperties is really covered by a reference in the signature, when it
verifies the signature. the Target attribute does not relly help in many
cases. i agree that there might be applications where it is useful to have
such a Target attribute, but it should be optional rather than reuqired, i
think.
this Target is only useful in applications where you have separated
SignedProperties and you need to find the signature which signs it. i think
that this is not common practice. normally you need to come from the other
direction - you have the signature and get the SignedProperties of it, for
which you use the references directly.

regards

  Karl

--

Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
Institute for Applied Information Processing and Communications (IAIK)
at Graz University of Technology , Austria, http://www.iaik.at and
http://jcewww.iaik.at
Phone: (+43) (316) 873-5540

> -----Original Message-----
> From: Donald E. Eastlake 3rd [mailto:dee3@torque.pothole.com]
> Sent: Monday, August 27, 2001 3:13 PM
> To: Karl Scheibelhofer
> Cc: XMLSigWG
> Subject: Re: Why is the Target attribute in SignatureProperty required?
>
>
>
> If it appears inside a Signature, a SignatureProperty could apply
> to that signature or separately to any one of the References. If
> it appeared outside of a Signature, it could apply to any singature
> or reference in the world. You need Target to tell what's going on.
>
> Donald
>
>
> From:  "Karl Scheibelhofer" <Karl.Scheibelhofer@iaik.at>
> To:  "XMLSigWG" <w3c-ietf-xmldsig@w3.org>
> Date:  Mon, 27 Aug 2001 14:47:44 +0200
> Message-ID:  <NDBBJJNFOMNNKFDPLCDJGEJACLAA.Karl.Scheibelhofer@iaik.at>
>
> >hi,
> >
> >can anyone explain, why the Target attribute in the
> SignatureProperty type
> >is required and not optional? i can see no obvious reason to make this
> >attribute required.
> >
> >regards
> >
> >  Karl
> >
> >--
> >
> >Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
> >Institute for Applied Information Processing and Communications (IAIK)
> >at Graz University of Technology , Austria, http://www.iaik.at and
> >http://jcewww.iaik.at
> >Phone: (+43) (316) 873-5540
> >
>
>
Received on Monday, 27 August 2001 09:30:33 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC