- From: Ed Simon <ed.simon@entrust.com>
- Date: Wed, 27 Oct 1999 16:24:37 -0400
- To: IETF/W3C XML-DSig WG <w3c-ietf-xmldsig@w3.org>
Phillip wrote What people are objecting to is the unnecessary canonicalization code you are requiring the verifier of the signature to write. Not all verifiers will include a DOM parser. A large number of verifiers will not even have access to the schema. I can understand that signing implementations will not need to do XML parsing because they just have to write XML, not read it. However, it seems to me a verifier would want at least a basic XML parser to properly process an XML Signature. Phillip, could you elaborate a little more how you see an XML-parser-less verifier extracting the information it needs from an XML signature in order to verify that signature? eg. Would it use pattern matching rather than full-blown XML parsing? Thanks, Ed
Received on Wednesday, 27 October 1999 16:29:03 UTC