- From: Paul Grosso <pgrosso@arbortext.com>
- Date: Mon, 29 Nov 1999 15:46:55 -0600
- To: "Joseph M. Reagle Jr." <reagle@w3.org>, w3c-ietf-xmldsig@w3.org
I'm no dsig expert, but as appointed co-chair to the XML Packaging WG, I'm interested in understanding this draft's use of the terms "manifest" and "package", especially the latter. However, I can't from this draft (which might be more my failing than that of the draft). Specifically, the most distinction I can find between the two terms is the following in 4.1: A Package has the same syntax as a Manifest but also asserts the equality of each of its referenced objects, after any transforms. The testing of this equality and action if it fails is also entirely at the discretion of the applicaiton. [typo in the last word above, by the way] I have no idea what "asserts the equality of each of its referenced objects" means or how this distinction that this draft makes between manifests and packages is important. Finally, given that there is already chartered an XML Package WG that will have to define a "package", I wonder if this is the best choice of terminology for the dsig draft--unless a dsig package is equivalent to an XML package, but I don't see how that could be since we don't know what an XML package is yet. paul At 15:29 1999 11 22 -0500, you wrote: >The IETF/W3C XML Signatures WG has published a draft [1] that we would like >feedback on. It is still rough; there are numerous editorial to-do's and a >couple open issues, but I think the exposition is clear enough to >sufficiently render our design -- this is what we really want feedback on. >To put it another way, if we've made a mistake, I hope it will be clear to >the reader we've made a mistake instead of being merely ambiguous or >confusing! Now is a good time to send us your thoughts on the design and >dependencies. > > >[1] http://www.w3.org/TR/1999/WD-xmldsig-core-19991119/
Received on Monday, 29 November 1999 16:47:49 UTC