- From: Gregor Karlinger <Gregor.Karlinger@iaik.at>
- Date: Tue, 21 Dec 1999 07:22:55 +0100
- To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
- CC: w3c-ietf-xmldsig@w3.org
Received on Tuesday, 21 December 1999 01:22:45 UTC
"Donald E. Eastlake 3rd" wrote: > > I do not understand what problem you see. Core signature > verification, in the example you give, would require that the Manifest > be fetched, digested, and this digest checked again the DigestValue in > Reference in SignedInfo. In that regard it is of no partciular > significant that it happens to be a Manifest as opposed to plain data. > However, many applications will want to further vefify the digests > inside Manifests, perhaps recursively to many levels. So I conclude the following (please tell me if I am wrong): If the Type attribute of Reference indicates a manifest, but the URI attribute does not refer to a XML-Document which root element is a manifest, that is an application problem and does not touch core behaviour, i.e. the correctness of the type attribute is not checked by core behaviour. Gregor -- --------------------------------------------------------------- Gregor Karlinger mailto://gregor.karlinger@iaik.at Institute for Applied Information Processing and Communications Austria ---------------------------------------------------------------
Received on Tuesday, 21 December 1999 01:22:45 UTC