- From: Richard D. Brown <rdbrown@Globeset.com>
- Date: Wed, 21 Jul 1999 17:46:38 -0500
- To: "'Dan Connolly'" <connolly@w3.org>, "'Todd S. Glassey'" <Todd.Glassey@www.meridianus.com>
- Cc: "'IETF/W3C XML-DSig WG'" <w3c-ietf-xmldsig@w3.org>
> > I don't think you want to require that stuff be addressable. > I expect to be able to sign content from stdin, for example. > > But if you're going to to as far as "addressable object" > you might as well say "Web resource." It means the same thing, > unles you've got some other addressing mechanism (besides URIs) > in mind. > To refer more closely to XML and XLink specifications, I would argue that the signature applies to any unit of information that is reachable and unambiguously identifiable by means of a locator, whose value is comprised of a URI, or a fragment identifier, or both. If one is willing to sign the content from stdin, then he will have to package that content into a resource that is addressable by means of a locator contained in the signature element. One solution would be to package the content of stdin into an XML element (after encoding if necessary) and attach that element along with the signature element to a common XML document. Notice that such a solution is not part of the XMLDSIG specification but stands on its own as a particular application of XMLDSIG specification. As S/MIME is a particular application of CMS (Cryptographic Message Syntax) to secure 'MIME content', XMLDSIG will specify the core syntax and some "X/MIME" standard will specify how to apply it to 'MIME content'. Richard D. Brown
Received on Wednesday, 21 July 1999 18:47:16 UTC