Re: Some strawman ideas concerning <ds:Transforms>

You could also potentially put the hint in a SignatureProperty element, 
for example:

<Signature>
  ...
  <Object>
   <SignatureProperties>
    <SignatureProperty>
     <Streamable/>
    </SignatureProperty>
   </SignatureProperties>
  </Object>
</Signature>

I could imagine other properties for different profiles, ex: <Simple/>.

If you assume a two-pass model, then you can look for this property in 
the first pass.

--Sean

Konrad Lanz wrote:
> Hi,
> 
> Pratik Datta wrote:
>> I would like to see if we can achieve this streaming hint with forward 
>> compatibility.
>>   
> +1 to at least trying to achieve that.
>> By that I mean, we put in the hint in such a place that older implementations 
>> can still verify such a signature by ignoring the hint, whereas newer 
>> implementations can take advantage of this hint and do streaming.
>>   
> Quick Proposal:
> 
>         <ds:Reference URI="">
>             <?ds:Reference dereference as event stream allowed,
> constrained transforms enforced, legacy equivalent processing and
> compatible results are hereby stipulated ?>
>             <ds:Transforms>
>               ...
>             </ds:Transforms>
>             <ds:DigestMethod Algorithm="..."/>
>             <ds:DigestValue>...</ds:DigestValue>
>         </ds:Reference>
> 
> If  the hints / preconditions are not fulfilled by the ds:Transforms,
> throw an error.
>> [...] how about adding it as a new attribute to an existing transform?  
>> Implementations will probably ignore unknown attributes. Or maybe add a new 
>> transformation parameter?
>>   
> I doubt that extension points will be ignored by applications in
> general, hence my preference for a processing-instruction.
> 
> Konrad
> 

Received on Wednesday, 23 July 2008 21:00:49 UTC