Signed-XML (revised)

> Joseph et al,
> 
> To programmatically process a "digital" signature, I'd need to have the signature and information that would allow me to verify it (cert, CA, algorithm, public key, etc.).  Cool.  But if I programmatically encounter an "electronic" signature, I at least need to know that fact.  ...that it is a signature and not something else.  
> 
> Verification may be difficult, the burden of proof rests with the relying party, and all that, but I would need to know that the blob I'm dealing with is indeed a signature.  The type of electronic signature could start another interesting discussion, but for now I'd settle for the fact that it is an electronic signature of some type.
> 
<new para> 
And given that an electronic signature is still a signature, it should enjoy all the rights and benefits of other signatures.  ...albeit it is not cryptographically strong and verification is difficult.
</new para> 

> Do you think the wording in sections 2.1, 2.2 and 2.3B sufficiently captures that notion?  I'm not sure.
> 
> tx,
> 
> Larry
> 
> Re: http://www.ietf.org/internet-drafts/draft-ietf-xmldsig-requirements-00.txt 
> 
> 
> 

Received on Wednesday, 23 June 1999 20:46:21 UTC