RE: Null Canonicalization Algorithm

Dave,

I'm sorry, but the draft states that you are not going to use NULL for XML.
From the draft "This algorithm is appropriate for applications where the
resource to be signed is not XML, or where the XML document will be exactly
preserved".

jim

> -----Original Message-----
> From: Solo, David [mailto:david.solo@citicorp.com]
> Sent: Wednesday, October 20, 1999 5:26 AM
> To: jimsch@EXCHANGE.MICROSOFT.com; w3c-ietf-xmldsig@w3.org
> Subject: RE: Null Canonicalization Algorithm
> 
> 
> At least at the moment, we still have two c14n algorithms, 
> one for signedInfo 
> and one for objects.  I agree with your statement as it 
> applies to objects; but 
> I'm not sure about it for SignedInfo.   In SignedInfo, the 
> c14n alg is 
> mandatory, so you'd need a NULL alg ID if you wanted to sign 
> the data as 
> transmitted.   I'd suggest leaving the alg ID there until we 
> resolve the 
> question about fixing the SignedInfo c14n alg.
> 
> Dave
> 
> > -----Original Message-----
> > From: jimsch [mailto:jimsch@EXCHANGE.MICROSOFT.com]
> > Sent: Tuesday, October 19, 1999 6:22 PM
> > To: w3c-ietf-xmldsig
> > Cc: jimsch
> > Subject: Null Canonicalization Algorithm
> > 
> > 
> > Given the text in section 4.3.3 about transformations only be 
> > applied if
> > they are listed, and the text in section 1.3.3 "If no 
> Transformations
> > element is present, the data pointed at by Location is 
> > digested directly".
> > I believe that we can remove the NULL canonicalization 
> > algorithm from the
> > document.  The algorithm basically states that you do no 
> > changes on the
> > input before hashing it.  This is the same thing as the text 
> > in section
> > 1.3.3 says.
> > Note:  It might be wise to copy this comment to section 4.3.3 
> > as well for
> > people to easily see it during implemenation.
> > Recommend:  Remove NULL Canonicalization algorithm from the 
> > document in all
> > locations.
> > jim schaad
> > 
> 

Received on Wednesday, 20 October 1999 16:54:36 UTC