- From: Cantor, Scott <cantor.2@osu.edu>
- Date: Fri, 2 Nov 2012 19:10:47 +0000
- To: Sean Mullan <sean.mullan@oracle.com>, "edsimon@xmlsec.com" <edsimon@xmlsec.com>
- CC: "G. Ken Holman" <gkholman@CraneSoftwrights.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
On 11/2/12 3:02 PM, "Sean Mullan" <sean.mullan@oracle.com> wrote: >Hmm, I knew this issue looked familiar. I actually reported this as an >issue way back in 2004 and here was the explanation: > >http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2004JanMar/0057.html > >I'm still not sure what the right answer is. This sentence in the response seems unsupportable in aa typical implementation, I would think: "If other functions were available and were used during signing, then there would be interoperability problems during validation, so no other functions are allowed in the evaluation context." That sounds like a dubious constraint to expect to be in place using off the shelf components. But I'll defer to the experts. -- Scott
Received on Friday, 2 November 2012 19:11:28 UTC