There was a discussion in this list around 1999 on this topic. How was it finally resolved? The schema for a document is logically speaking part of the data that is signed, because it is the source of the default attribute values. However it is not necessarily physically present in the signed document. This leads to an integriy problem: if the schema associated with a message is lost or corrupted, the signature on the document becomes non-verifiable and legal non-repudiation is lost. My question is, what kind of security regimes are people putting around XML schemas associated with signed XML documents in practice? EJPReceived on Sunday, 6 October 2002 20:19:20 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT