- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 24 Aug 1999 09:41:31 -0400
- To: david.solo@citicorp.com
- Cc: w3c-ietf-xmldsig@w3.org, dsolo@alum.mit.edu
At 08:30 99/08/24 -0400, david.solo@citicorp.com wrote: >Based on the recent discussion, I want to propose the following resolution for >the detached/embedded and transform discussions. Part of my confusion on all of this was that we are dealing with intermediate steps of content which have no representation in the syntax -- they are intermediate! However, in the data model they are clearly identified. >his introduced two problems (at least): >one was the potential for nested c14n's where one alg applied to the object and >the other to the sigInfo wrapper; and the other the fact that the processing >for an embedded vs. detached signature were different (thus, one couldn't >convert between the methods without breaking the signature). Do these problems apply to the data-model/syntax [1] I've proposed? I don't think so: [1] http://www.w3.org/Signature/Drafts/xml-dsig-datamodel-990823.html > Objects and References > > <reference> and <object> take content.inline and content.EB and yield > *.result. This production occurs based on the parameters of the > operations (hash, c14n, encoding, etc.). This intermediate results are > not represented in the syntax explicitly. However, we do need a > feature for distinguishing between signing the actual <object> (the > encoded form) and content.inline.result (the decoded (processed) > form.). See the [28]section on signing the native encoding of a > packaged document. _________________________________________________________ Joseph Reagle Jr. Policy Analyst mailto:reagle@w3.org XML-Signature Co-Chair http://w3.org/People/Reagle/
Received on Tuesday, 24 August 1999 09:41:39 UTC