W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2002

Re: newbie Question about PKCS#7

From: John Messing <jmessing@law-on-line.com>
Date: Thu, 16 May 2002 21:09:37 -0700
Message-ID: <002901c1fd58$aa2b0520$39930b3f@laptop>
To: "Christian Geuer-Pollmann" <geuer-pollmann@nue.et-inf.uni-siegen.de>, "Tom Gindin" <tgindin@us.ibm.com>, "Ed Simon" <edsimon@xmlsec.com>
Cc: "Roman Huditsch" <roman.huditsch@hico.com>, <w3c-ietf-xmldsig@w3.org>
Wouldn't you need to include the message digest of the file in the signed
data as well and then sign the reference and the message digest as signed
info?

----- Original Message -----
From: "Christian Geuer-Pollmann" <geuer-pollmann@nue.et-inf.uni-siegen.de>
To: "Tom Gindin" <tgindin@us.ibm.com>; "Ed Simon" <edsimon@xmlsec.com>
Cc: "Roman Huditsch" <roman.huditsch@hico.com>; <w3c-ietf-xmldsig@w3.org>
Sent: Thursday, May 16, 2002 11:05 AM
Subject: Re: newbie Question about PKCS#7


>
>
> --On Donnerstag, 16. Mai 2002 11:28 -0400 Tom Gindin <tgindin@us.ibm.com>
> wrote:
>
> >       IMHO, XML Signature is not "the new way of doing signatures".
It's
> > the new, and hopefully best, way of signing documents which include XML.
> > Do you expect people to sign pure binary data using XML Signature rather
> > than CMS?
>
> I would say XML Signature is a good way for creating digital signatures,
> even detached signatures which create arbitrary binary content. Even if
> there is no hint on what exactly IS the thing being signed, the signature
> itself has rich semantics. But of course, XML Signature will have no great
> future in environments where storage size or computing power are limited.
>
> > Maybe I'm confused about the standard, but I don't see a "Type"
> > value for transparent binary data or a transform for it.  Does a
> > Reference with both Type and Transforms omitted mean binary?
>
> I would say yes. Signing a GIF or something similar is
>
> <Reference URI="1.gif" (or URI="protocol://host/1.gif">
>  and no transforms.
>
> Other opinions?
>
>
> Christian
>
>
Received on Friday, 17 May 2002 00:40:02 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:15 GMT