Re: Test Case with xml-dsig from Norman Walsh on 2005-02-07 (public-xml-id@w3.org from February 2005)

From: Norman Walsh <Norman.Walsh@Sun.COM>
Date: Mon, 07 Feb 2005 14:05:31 -0500
To: Joseph Reagle <reagle@mit.edu>
Cc: Gabe Wachob <gwachob@wachob.com>, public-xml-id@w3.org, w3c-ietf-xmldsig@w3.org
Message-id: <87pszc42dg.fsf@nwalsh.com>

/ Joseph Reagle <reagle@mit.edu> was heard to say:
| problems with respect to versioning of XML. For example, is the 
| canonicalization of xml:ID correct when used with the existing 
| specifications?

Inclusive canonicalization seems to be just plain broken with respect
to xml:id.

| What happens to the info set?

I think the right thing happens in the infoset. Applications concerned
with digital signatures and security are probably going to want to
assert that either xml:id process is (or is not, but I hope they
choose 'is') performed as part of the encryption/signature process.

                                        Be seeing you,
                                          norm

-- 
Norman.Walsh@Sun.COM / XML Standards Architect / Sun Microsystems, Inc.
NOTICE: This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.

Received on Monday, 7 February 2005 19:05:47 UTC