- From: Peter Lipp <Peter.Lipp@iaik.at>
- Date: Mon, 8 Nov 1999 16:11:35 -0500
- To: <rhimes@nmcourt.fed.us>, <w3c-ietf-xmldsig@w3.org>, <reagle@w3.org>
- Message-ID: <NDBBLDEHJKOODMJCNBNCIEEHCNAA.Peter.Lipp@iaik.at>
>transform on Object (rather than its content), to allow exclusion of a
>location/transform within Object (transform is not currently specified in
>object). I'd like this to be more natural though, by adding an attribute to
>ObjectReference, for example.

Not sure I understand that completely, so forgive me if I'm wrong. But while the location of the data does not change the digest value of the object to be signed, the transform does, so there is no way of changing transform without the need for changing the signature. Now, I understand that excluding it doesn't mean we don't know about it. But then, I see no point in excluding the transform if we need it, and furthermore I strongly suspect security issues at risk if the transform can be changed. Those issues don't come up with the location.

Concerning location, it might be cleaner to move it out to a manifest, if it needs to be signed, as it clearly is something that can vary, or to exclude it by default, but I am not so sure here.

Let's look at location and where it's needed. If I create a signature, I will most often pack it with the document somehow. Here location is not an issue. If I create a detached signature, like say a PICS label bureau or similar, I will need the location authenticated anyway as I would be opting for it. And if that location is no longer correct, that wouldn't matter. I don't see a real case where the location would change and I still would need the same signature (containing the location) to verify. Can I be in possession of a document and unable to find a signature with that specific location in it?

I can imagine cases like downloading a document and a signature to my hard disk, where the signature contains the former location. In that case my signature verifying application should know that in this case the non-verifying location is no longer correct and tell me. Like Outlook tells me that a signature is cryptographically ok but I don't trust it because... similar case to me!

My conclusion: location is fine as is.

Peter
______________________________________
Dr. Peter Lipp
IAIK, TU Graz
Inffeldgasse 16a, A-8010 Graz, Austria
Tel: +43 316 873 5513
Fax: +43 316 873 5520
Web: www.iaik.at
Received on Monday, 8 November 1999 16:11:42 UTC
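The two cases discussed in the message above, as an added sketch that is not part of the original post and does not use XML-DSig syntax: a moved document still verifies cryptographically while its location is reported separately, and a transform left outside the signature cannot be altered without breaking the digest. The HMAC standing in for the signature, the transform names, the key and the sample URLs are all assumptions made for the illustration.

```python
import base64, hashlib, hmac, json

# Constructed transform names for this sketch, not XML-DSig identifiers.
TRANSFORMS = {"identity": lambda b: b, "base64-decode": base64.b64decode}

def _mac(key, ref, covered):
    # HMAC stands in for the signature (assumption); only `covered` fields are signed.
    blob = json.dumps({k: ref[k] for k in sorted(covered)}).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def sign(key, location, transform, raw, covered=("digest", "location", "transform")):
    digest = hashlib.sha256(TRANSFORMS[transform](raw)).hexdigest()
    ref = {"location": location, "transform": transform, "digest": digest}
    return {"ref": ref, "covered": list(covered), "sig": _mac(key, ref, covered)}

def verify(key, signed, raw, fetched_from):
    ref = signed["ref"]
    sig_ok = hmac.compare_digest(signed["sig"], _mac(key, ref, signed["covered"]))
    try:
        data = TRANSFORMS[ref["transform"]](raw)
        digest_ok = hashlib.sha256(data).hexdigest() == ref["digest"]
    except (KeyError, ValueError):
        digest_ok = False
    # Report the two findings separately, as the message suggests a verifier should.
    return {"crypto_ok": sig_ok and digest_ok,
            "location_ok": ref["location"] == fetched_from}

KEY = b"constructed-demo-key"
RAW = base64.b64encode(b"<doc>hello</doc>")   # constructed sample document
URL = "http://example.org/doc.xml"            # constructed location

def moved_copy():
    # Same bytes read from local disk: digest and signature hold, location does not.
    signed = sign(KEY, URL, "base64-decode", RAW)
    return verify(KEY, signed, RAW, "file:///home/user/doc.xml")

def swapped_transform():
    # Transform excluded from the signature, then altered: the digest no longer matches.
    signed = sign(KEY, URL, "base64-decode", RAW, covered=("digest", "location"))
    signed["ref"]["transform"] = "identity"
    return verify(KEY, signed, RAW, URL)

if __name__ == "__main__":
    print(moved_copy(), swapped_transform())
```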