W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

Signed in parts. Re: XML-Signatures Requirements Last Call

From: Tim Berners-Lee <timbl@w3.org>
Date: Wed, 8 Sep 1999 15:58:42 -0400
Message-ID: <02a701befa34$93c24b60$a60a1712@col.w3.org>
To: <chairs@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, <w3c-xml-plenary@w3.org>, "Donald E. Eastlake 3rd" <dee3@us.ibm.com>, "Jon Bosak" <Jon.Bosak@eng.sun.com>

-----Original Message-----
From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Friday, August 20, 1999 4:35 PM
Subject: XML-Signatures Requirements Last Call


I am concerned (now after much thought) about the impact of
the requirement 3.1.3
"XML-signatures must be able to apply to a part or totality of a XML
document [Charter, Brown]"
I was a great advocate of that, but since I have been studying the
relationship between
a document and its semantics.

 My concern is that the semantics of any XML element
is totally dependent upon its enclosing context.  Think of a document as an
What does signing part of a document mean?  If it means signing a virtual
formed by stripping out (in a well defined way) everything which is not
signed, then
I understand it.  I think that definition can work but must be explicit.
If it means taking responsibility for certain parts only in context, then I
The outer surrounding context can invalidate, negate, or transform the
meaning of the
child elements in any way.

Maybe this has been addressed, in which case I apologize for bringing it up

Tim Berners-Lee

xml-plenary group

PS:  For example, in my investigations into extending RDF to logic, in
defines an "RDF-transparent" property of an XML element which allows RDF to
be taken out of context
but cannot be assumed.
Received on Wednesday, 8 September 1999 15:58:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:09:56 UTC