W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2002

Re: newbie Question about PKCS#7

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Thu, 16 May 2002 20:05:33 +0200
To: Tom Gindin <tgindin@us.ibm.com>, Ed Simon <edsimon@xmlsec.com>
cc: Roman Huditsch <roman.huditsch@hico.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <31922001.1021579533@crypto>


--On Donnerstag, 16. Mai 2002 11:28 -0400 Tom Gindin <tgindin@us.ibm.com> 
wrote:

>       IMHO, XML Signature is not "the new way of doing signatures".  It's
> the new, and hopefully best, way of signing documents which include XML.
> Do you expect people to sign pure binary data using XML Signature rather
> than CMS?

I would say XML Signature is a good way for creating digital signatures, 
even detached signatures which create arbitrary binary content. Even if 
there is no hint on what exactly IS the thing being signed, the signature 
itself has rich semantics. But of course, XML Signature will have no great 
future in environments where storage size or computing power are limited.

> Maybe I'm confused about the standard, but I don't see a "Type"
> value for transparent binary data or a transform for it.  Does a
> Reference with both Type and Transforms omitted mean binary?

I would say yes. Signing a GIF or something similar is

<Reference URI="1.gif" (or URI="protocol://host/1.gif">
 and no transforms.

Other opinions?


Christian
Received on Thursday, 16 May 2002 14:01:07 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:15 GMT