- From: <Frederick.Hirsch@nokia.com>
- Date: Tue, 2 Aug 2011 17:41:19 +0000
- To: <public-xmlsec@w3.org>
- CC: <Frederick.Hirsch@nokia.com>
- Message-ID: <F21B1B05-0D54-4887-8465-1AFBC5D775D7@nokia.com>
As agreed on today's call, I updated the second paragraph in the KeyInfo section of XML Signature 1.1 and XML Signature 2.0 to have SHOULD for KeyInfoReference and not RetrievalMethod, as follows: [[ While applications may define and use any mechanism they choose through inclusion of elements from a different namespace, compliant versions must implement KeyValue (section 4.5.2 The KeyValue Element<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyValue>) and should implement KeyInfoReference (section 4.5.10 The KeyInfoReference Element<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfoReference>). ]] Section 4.5 in XML Signature 1.1, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfo Likewise in XML Signature 2.0, section 7, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyInfo [[ If KeyInfo is omitted, the recipient is expected to be able to identify the key based on application context. Multiple declarations within KeyInfo refer to the same key. While applications may define and use any mechanism they choose through inclusion of elements from a different namespace, compliant versions must implement KeyValue (section 7.2 The KeyValue Element<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyValue>) and should implement KeyInfoReference (section 7.10 The dsig11:KeyInfoReference Element<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-KeyInfoReference>). ]] This should complete ACTION-816. regards, Frederick Frederick Hirsch Nokia
Received on Tuesday, 2 August 2011 17:42:01 UTC