- From: Chris Smithies <Chris_Smithies@penop.com>
- Date: Wed, 24 Nov 1999 18:46:43 +0000
- To: rhimes@nmcourt.fed.us
- cc: w3c-ietf-xmldsig@w3.org
Yes: it seems simple to me. Have a Location which the core can use to fetch the document for verification; but don't include the Location in SignedInfo, otherwise moving the document breaks the signature (at least, as far as the core is concerned). Then, if the document changes location, simply change the Location field accordingly. Isn't it as simple as that? Why, when no other kind of electronic signature is invalidated by changing the document's location, should XML signatures be any different? I can't see why. Perhaps some kind and patient person could explain to me what I am missing here.
Received on Wednesday, 24 November 1999 13:36:25 UTC