- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 29 Mar 2001 14:15:42 -0500
- To: "Takeshi Imamura" <IMAMU@jp.ibm.com>
- Cc: "XML Encryption WG " <xml-encryption@w3.org>, "Hiroshi Maruyama" <MARUYAMA@jp.ibm.com>
At 19:33 3/29/2001 +0900, Takeshi Imamura wrote: >The serialization is not so sensitive if only encryption is performed. >However, that may not be true if both encryption and signature are >performed on a document. For example, suppose that a user signs and then >encrypts a document, where he defines and uses his own serialization which >does not preserve information set. Another user will fail in verifying the >signature because the original document cannot be retrieved. For such >reason, I think we should define at least a serialization for information >set. Very good point, I added that to the text in that section. However, I don't think the Infoset or DOM data models lack anything required by Canonical XML. (The part of XPath data model used by Canonical XML is a subset of both DOM and Infoset, right?) Even if this is the case (doesn't necessitate the use of Infoset or DOM), do you have a preference between the two? __ Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 29 March 2001 14:16:09 UTC