The reference processing model from Gregor Karlinger on 2001-11-15 (w3c-ietf-xmldsig@w3.org from October to December 2001)

From: Gregor Karlinger <gregor.karlinger@iaik.at>
Date: Thu, 15 Nov 2001 15:11:29 +0100
To: "XMLSigWG" <w3c-ietf-xmldsig@w3.org>
Message-ID: <LBEPJAONIMDADHFHAEAOMEKACKAA.gregor.karlinger@iaik.at>

I have just had a look on section 4.3.3.2 (The Reference Processing Model),
and I have the following question:

The second bullet in the list describing the default behaviour of a
Transform's behaviour with respect to the input they require:

  "* If the data object is a node-set and the next transform requires
    octets, the signature application MUST attempt to convert the
    node-set to an octet stream using the specified canonicalization
    algorithm."

I think that it is not clear what "THE SPECIFIED CANONICALIZATION ALGORITHM"
means. If the intention is to use the c14n algorithm specified in the
CanonicalizationAlgorithm element within SignedInfo, this should be
clearly expressed in a sentence like "... to an octet stream using the
canonicalization algorithm specified for canonicalizing the SignedInfo
element.".

Regards, Gregor

Received on Thursday, 15 November 2001 09:09:12 UTC