W3C home > Mailing lists > Public > w3c-xml-sig-ws@w3.org > April 1999

RE: unparsed entities

From: Richard D. Brown <rdbrown@GlobeSet.com>
Date: Thu, 8 Apr 1999 16:38:32 -0500
To: "'John Boyer'" <jboyer@uwi.com>
Cc: <w3c-xml-sig-ws@w3.org>
Message-ID: <001101be8208$272ca8a0$0bc0010a@artemis.globeset.com>
John,

>
> It seems that the signature filter idea could easily be
> extended to say that
> a signature should 'obtain' a list of resources, which could
> then be put in
> the signature element by the encoding routine before the hash
> is generated.
>

What you have just depicted is, to some extent, what the XML Digital
Signature Proposal recognizes as a Canonicalizer. I wrote "to some extent"
because their initial purpose was not really to filter, but to produce a
octet-stream representative of the semantics of the element being signed.
But, Filter and Canonicalizer are very similar in their functionality -
Being given an XML element (which could be the root) on input they produce
the digest to be signed. Therefore, considering the flexibility of the
Algorithm/Parameter definitions, it should quite straightforward to
implement and parameterize an XFDL filter. In addition, the Canonicalizer
definition (algorithm id and parameters) is already included in the Manifest
of the signature (thence protected).

Conclusion: XFDL signs the form element making use of an XFDL canonicalizer
which is provided on entry with element exclusion and inclusion patterns.
Will this approach make sense to you and address your concerns?


Richard D. Brown
Software Architect - R&D
GlobeSet, Inc. Austin TX - U.S.
Received on Thursday, 8 April 1999 17:38:08 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 11:28:03 EDT