- From: John Boyer <jboyer@uwi.com>
- Date: Thu, 9 Sep 1999 16:02:43 -0700
- To: "Peter Norman" <pnorman@mediaone.net>, <w3c-ietf-xmldsig@w3.org>
<Peter> All I'd like to add to this is that the processing instructions are merely labels and don't have any direct semantic effect. While it would be reasonable to start at a start and end at an end, with Xptr you could start three elements past an end and end two elements before a start if you were so perverse. While we've been saying 'remove' about dsig target PIs, we may want to be neutral between 'remove' and 'ignore for hashing'. </Peter> <John> 'Ignore for hashing' *is the same as* 'remove' with respect to my comments in the letter to Don and the group. </John> <Peter> I did in fact intend that dsig target PIs NOT be substantive. They should be ignored for signature purposes and carry no semantics other than location. Anything within a dsig target PI (from <? to ?> inclusive) should be unsigned by definition. </Peter> <John> Can you please comment on how to achieve document closure by this method (please note my comments in the letter to Don and the group)? In particular, how can this method prevent arbitrary content from being added between the signed regions? Further, can you explain how this method would sign parts of externally stored resources, esp. when the signer does not have write access to those resources to put the unsigned PIs in place? A single properly used XPointer solves all of these problems. Finally, Don's email seemed to make use of XPointer to indicate the target PIs anyway. Is this your view as well? If so, then this discussion is not about whether to support XPointer but rather how to apply it. Either way, given the problems I've pointed out, would you agree that we should not use target PIs, target elements, or dsig:exclude attributes to solve the problems related to partial document? John Boyer Software Development Manager UWI.Com -- The Internet Forms Company </John>
Received on Thursday, 9 September 1999 19:04:39 UTC