- From: Juan Carlos Cruellas <cruellas@ac.upc.edu>
- Date: Wed, 07 Nov 2007 15:23:46 +0100
- To: Ed Simon <edsimon@xmlsec.com>
- CC: public-xmlsec-maintwg@w3.org
Some initial thoughts on Ed's presentation: Ed is asking if we need objects that are outside signedInfo. My personal view is that we actually need. XAdES signatures, for instance reserve a relevant role for contents of ds:Objects thjat are not signed: they contain revocation information that some verifier may incorporate after verifying the signature (actual values or references, or time-stamps) or even counter-signatures.... As for Manifest, I would say from what was written in the original XMLSig that there are use cases for it, so I would also be in favour of keeping it .... On canonicalization, if I have correctly understood, the group should deal only wiht canonicalization of signedInfo and leave outside... so we would only achieve make things easier only for enveloping signatures, not dettached or enveloped....am I right? I think that incorporation of differnt signers is anyway a good thing... But as I said, these are only first thoughts.... Regards Juan Carlos. Ed Simon escribió: > > Please find attached, or linked, my current strawman proposal for XML > Signature 2.0. These slides are scheduled to be presented on Thursday > afternoon. > > Regards, > Ed > _____________________________ > Ed Simon <edsimon@xmlsec.com> > Principal, XMLsec Inc. > (613) 726-9645 > > Interested in XML, Web Services, or Security? Visit " > http://www.xmlsec.com <http://www.xmlsec.com/> ". > > New! "Privacy Protection for E-Services" published by Idea Group > (ISBN: 1-59140-914-4 for hard cover, 1-59140-915-2 for soft cover). > Includes a chapter, by Ed Simon, on "Protecting Privacy Using XML, > XACML, and SAML". > See the Table of Contents here: " http://tinyurl.com/rukr4 > <http://tinyurl.com/rukr4> ". >
Received on Wednesday, 7 November 2007 14:23:57 UTC