- From: Tim Berners-Lee <timbl@w3.org>
- Date: Wed, 8 Sep 1999 15:58:42 -0400
- To: <chairs@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, <w3c-xml-plenary@w3.org>, "Donald E. Eastlake 3rd" <dee3@us.ibm.com>, "Jon Bosak" <Jon.Bosak@eng.sun.com>
-----Original Message----- From: Joseph M. Reagle Jr. <reagle@w3.org> Date: Friday, August 20, 1999 4:35 PM Subject: XML-Signatures Requirements Last Call >http://www.w3.org/TR/xmldsig-requirements I am concerned (now after much thought) about the impact of the requirement 3.1.3 "XML-signatures must be able to apply to a part or totality of a XML document [Charter, Brown]" I was a great advocate of that, but since I have been studying the relationship between a document and its semantics. My concern is that the semantics of any XML element is totally dependent upon its enclosing context. Think of a document as an expression. What does signing part of a document mean? If it means signing a virtual document formed by stripping out (in a well defined way) everything which is not signed, then I understand it. I think that definition can work but must be explicit. If it means taking responsibility for certain parts only in context, then I don't. The outer surrounding context can invalidate, negate, or transform the meaning of the child elements in any way. Maybe this has been addressed, in which case I apologize for bringing it up again. Tim Berners-Lee xml-plenary group PS: For example, in my investigations into extending RDF to logic, in http://www.w3.org/DesignIssues/Toolbox defines an "RDF-transparent" property of an XML element which allows RDF to be taken out of context but cannot be assumed.
Received on Wednesday, 8 September 1999 15:58:58 UTC