Re: XML Signature 2.0 Strawman Proposal

Some initial thoughts on Ed's presentation:

Ed is asking if we need objects that are outside signedInfo. My personal 
view is that we actually need. XAdES signatures, for instance reserve a 
relevant role for contents of ds:Objects thjat are not signed: they 
contain revocation information that some verifier may incorporate after 
verifying the signature (actual values or references, or time-stamps) or 
even counter-signatures....
As for Manifest, I would say from what was written in the original 
XMLSig that there are use cases for it, so I would also be in favour of 
keeping it ....

On canonicalization, if I have correctly understood, the group should 
deal only wiht canonicalization of signedInfo and leave outside... so we 
would only achieve make things easier only for enveloping signatures, 
not dettached or I right?

I think that incorporation of differnt signers is anyway a good thing...

But as I said, these are only first thoughts....


Juan Carlos.
Ed Simon escribió:
> Please find attached, or linked, my current strawman proposal for XML 
> Signature 2.0. These slides are scheduled to be presented on Thursday 
> afternoon.
> Regards,
> Ed
> _____________________________
> Ed Simon <>
> Principal, XMLsec Inc.
> (613) 726-9645
> Interested in XML, Web Services, or Security? Visit " 
> <> ".
> New! "Privacy Protection for E-Services" published by Idea Group 
> (ISBN: 1-59140-914-4 for hard cover, 1-59140-915-2 for soft cover).
> Includes a chapter, by Ed Simon, on "Protecting Privacy Using XML, 
> XACML, and SAML".
> See the Table of Contents here: " 
> <> ".

Received on Wednesday, 7 November 2007 14:23:57 UTC