Content type in Reference from Bruno Harbulot on 2009-04-26 (public-xmlsec-comments@w3.org from April 2009)

From: Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>
Date: Sun, 26 Apr 2009 14:22:11 +0100
To: public-xmlsec-comments@w3.org
Message-ID: <49F46003.9040207@manchester.ac.uk>

Hello,

In Section 4.3.3.1 [*] of the current XML Signature draft, there is a 
note about multiple representations for a given resource: "Applications 
should also be cognizant of the fact that protocol parameter and state 
information, (such as HTTP cookies, HTML device profiles or content 
negotiation), may affect the content yielded by dereferencing a URI."

I'd like to suggest the addition of a 'Content-Type' attribute to the 
'Reference' element, to indicate the content-type of the representation 
that has been signed, so as to enable the application verifying the 
signature to ask for that content-type when dereferencing the URI.

Best wishes,

Bruno.

[*] http://www.w3.org/TR/2009/WD-xmldsig-core1-20090226/#sec-URI

Received on Sunday, 26 April 2009 14:58:22 UTC