- From: Peter Lipp <Peter.Lipp@iaik.at>
- Date: Wed, 12 Jan 2000 10:32:49 +0100
- To: "John Boyer" <jboyer@uwi.com>, <Gregor.Karlinger@iaik.at>
- Cc: "DSig Group" <w3c-ietf-xmldsig@w3.org>
Received on Wednesday, 12 January 2000 04:32:59 UTC
> signed. I don't recall the end of the conversation being that we would > adopt location as hint. This was one of those discussions which seemed to end by fatigue and not by conclusions :-) And I wouldn't like to have this discussion revived..... but It seems to me that one thing we miss currently was that we have no way to force the core behaviour to dereference any URI or IDREF, in those cases where an URI or IDREF is meant to be understood as a location. This would now be application specific and any application would need to put this into SignatureProperties or so. The question seems to be: is this something that should be defined now as a core option? Personally, I don't see the need for that, as I still believe in the scenario that if I have some data, hash it, and the signature verifies, this is the only thing that counts, and I need to accept that the data I have is the data that had been signed. Where it came from and how it was transformed, I don't see as being significant for the general case. Peter ______________________________________ Dr. Peter Lipp IAIK, TU Graz Inffeldgasse 16a, A-8010 Graz, Austria Tel: +43 316 873 5513 Fax: +43 316 873 5520 Web: www.iaik.at
Received on Wednesday, 12 January 2000 04:32:59 UTC