Re: newbie Question about PKCS#7

      Joseph:

      That this mechanism exists and is fairly simple is certainly good
news for people who want to sign mixed sets of data (some XML, some
straight text or binary).  Could we put a use of this feature in one or
more of the published examples so that this issue doesn't come up again?

            Tom Gindin


Joseph Reagle <reagle@w3.org> on 05/22/2002 10:27:15 AM

Please respond to reagle@w3.org

To:    Tom Gindin/Watson/IBM@IBMUS
cc:    "Ed Simon" <edsimon@xmlsec.com>, "Roman Huditsch"
       <roman.huditsch@hico.com>, <w3c-ietf-xmldsig@w3.org>
Subject:    Re: newbie Question about PKCS#7


On Tuesday 21 May 2002 16:04, Tom Gindin wrote:
>       My question can be most simply stated as whether a reference with
> neither type nor transform is to be interpreted as a transparent octet
> stream to be fed to the digest algorithms, and if not, what syntax is
> interpreted that way?

As Christian noted, it depends on the URI.

>  I am trying to ensure that we have a syntax
> defined for data that will NOT be interpreted as XML.  A very simple
> example would be the following:
> <Reference URI="ftp://ftp.isi.edu/in-notes/rfc3075.txt">
> <DigestMethod Algorithm
> ="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>Xyz=</DigestValue
>> </Reference>

Yes, it directly digests the octets in the HTTP entity-body returned upon
dereferencing that URI.

Received on Wednesday, 22 May 2002 10:53:56 UTC