- From: Petteri Stenius <Petteri.Stenius@remtec.fi>
- Date: Mon, 5 Jun 2000 11:26:46 +0300
- To: "'TAMURA Kent'" <kent@trl.ibm.co.jp>, "IETF/W3C XML-DSig WG (E-mail)" <w3c-ietf-xmldsig@w3.org>
- Cc: "Joseph M. Reagle Jr." <reagle@w3.org>
I think the spec is rather unclear on what to do when the Transforms element is missing from a reference. Chapter 2.1.1 of [1] reads: "[s06-08] Transforms is an optional ordered list of processing steps that were applied to the resource's content before it was digested. Transforms can include operations such as canonicalization, encoding/decoding (including compression/inflation), XSLT and XPath. XPath transforms permit the signer to derive an XML document that omits portions of the source document. Consequently those excluded portions can change without affecting signature validity. For example, if the resource being signed encloses the signature itself, such a transform must be used to exclude the signature value from its own computation. If no Transforms element is present, the resource's content is digested directly. While we specify mandatory (and optional) canonicalization and decoding algorithms, user specified transforms are permitted." Chapter 4.3.3 of [1] reads: "[URI] permits identifiers that specify a fragment identifier via a separating number/pound symbol '#'. (The meaning of the fragment is defined by the resource's MIME type). XML Signature applications MUST support the XPointer 'bare name' [Xptr] shortcut after '#' so as to identify IDs within XML documents. The results are serialized as specified in section 6.6.3:XPath Filtering. For example," My interpretation of 2.1.1 is that there is *no* default serialization or canonicalization algorithm. But reading 4.3.3 would suggest that XPath is used by default. Any ideas? Petteri [1] http://www.w3.org/TR/2000/WD-xmldsig-core-20000601/
Received on Monday, 5 June 2000 04:26:40 UTC