W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2001

Clarification on section 3.2.1 (Reference Validation)

From: Sean Mullan <sean.mullan@sun.com>
Date: Thu, 06 Dec 2001 10:32:04 +0000
Message-ID: <3C0F4924.87B3B14E@sun.com>
To: w3c-ietf-xmldsig@w3.org
Step 3 of section 3.2.1 states:

  "Compare the generated digest value against DigestValue 
   in the SignedInfo Reference; if there is any mismatch, 
   validation fails."

Does "validation" above mean "core validation"? If a single
reference fails to validate, core validation fails. I assume
this means an implementation should (must?) abort validation of the 
remaining references and return a failure. Is my assumption
correct? I think the section could be a little bit more clear
on what an implementation should do when a reference fails
to validate.

Thanks,
Sean
Received on Thursday, 6 December 2001 05:32:08 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:14 GMT