- From: Sean Mullan <Sean.Mullan@Sun.COM>
- Date: Tue, 17 Feb 2009 09:39:52 -0500
- To: Frederick Hirsch <Frederick.Hirsch@nokia.com>
- Cc: XMLSec WG Public List <public-xmlsec@w3.org>
Some comments on Section 3.2 Compliance "Use of any or all of these Signature Properties in an XML Signature is optional and nothing precludes the use of additional properties defined elsewhere. [Definition: A Common Signature Property is a property defined in this specification and identified by the namespace defined in this document.] When such Common Signature Properties are used the format and processing rules associated with those properties, as defined in this document, MUST apply." 1. s/optional/OPTIONAL 2. I'm uncomfortable with the last sentence. This implies that a validator (or decryptor) MUST process the property according to the rules if it is included in a Signature. But what if a validator doesn't support or recognize the property? Should it ignore it? But what if the property must be processed because validation really depends on it which seems to be the case with most of these? I am concerned that since the processing of most of these properties affect validation that what is really needed are changes to the signature validation algorithm which probably isn't appropriate until 2.0. --Sean Frederick Hirsch wrote: > > Does the WG agree to progress the (revised) XML Signature Properties > draft to first public working draft? > > http://www.w3.org/2008/xmlsec/Drafts/xmldsig-properties/Overview.html > > I propose one change to the current draft - to change the usage > attribute to "role" and to remove the second paragraph in that section > "one example". > > Please indicate on the list if you believe additional changes are required. > > Thanks > > regards, Frederick > > Frederick Hirsch > Nokia > > > >
Received on Tuesday, 17 February 2009 14:49:05 UTC