W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2002

FW: Schema & non-repudiation query

From: Pitt, Esmond <pitte@anz.com>
Date: Mon, 7 Oct 2002 10:18:02 +1000
Message-ID: <A4B31994DAD0A040B37CDCEFB8E0914423CA32@EXGAU570BSM00.oceania.corp.anz.com>
To: XML Signature <w3c-ietf-xmldsig@w3.org>

There was a discussion in this list around 1999 on this topic. How was it
finally resolved?

The schema for a document is logically speaking part of the data that is
signed, because it is the source of the default attribute values. However it
is not necessarily physically present in the signed document. This leads to
an integriy problem: if the schema associated with a message is lost or
corrupted, the signature on the document becomes non-verifiable and legal
non-repudiation is lost.

My question is, what kind of security regimes are people putting around XML
schemas associated with signed XML documents in practice?

EJP
Received on Sunday, 6 October 2002 20:19:20 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT