DigSig feedback

Hi all,

this is the official Vodafone feedback on the proposed rewriting of DigSig.

The spec looks good to us. We don't have any objection to removing the requirement on the signer to order the signature files. Getting the validator to do it instead is fine and is probably preferable.

Our only other comment on the specification is related to the new requirement for the validator to support C14N11:

"A validator  MUST support [C14N11] to process a ds:Reference that specifies [C14N11] as a canonicalization method."  

If we remember the previous discussions, there was a move to [XML-exc-C14N] because of concerns over the level of support for [C14N11]. Making support for this mandatory may cause us some issues in the short term. Can you explain why this requirement has been added?

Robin Berjon
  robineko  hired gun, higher standards

Received on Wednesday, 5 May 2010 13:41:30 UTC