- From: John Boyer <jboyer@uwi.com>
- Date: Tue, 12 Oct 1999 21:49:58 -0700
- To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
If you respond to this, please cc jboyer@csr.uvic.ca. Thanks. One question that came up while working on Section 4.3.1 was the comment (which was already there) about Location being implied by application context. It would be nice to have an example of this. In particular, I'm having some difficulty understanding how a signature verification algorithm will tell the difference between implied Location versus having no Location mean 'this' document. Originally, I had thought that an empty Location (or one that starts with a # fragment if we allow fragments in Location) should mean 'this' document. Another question about Location had to do with the desired ability to switch between embedded and detached signatures without breaking the signature How will this be done without breaking the signature given that the Location will change? At first I assumed that the only way to do this was with the fabled Location-by-application-context, but then the question above popped into mind. Note that Location is part of what gets signed by the signature's digest, so there aren't even transformations that can omit it. Thanks, John Boyer Software Development Manager UWI.Com -- The Internet Forms Company
Received on Wednesday, 13 October 1999 00:49:30 UTC