- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Thu, 02 Mar 2000 22:11:28 +0100
- To: IETF-W3C XML-Signature-WG <w3c-ietf-xmldsig@w3.org>
- Message-ID: <38BED900.413648B6@nue.et-inf.uni-siegen.de>
In section 2.1, example explanation [s18-20]:
In my opinion, the sentence:
"First, the signer may not wish to reveal key information
to all signature verifiers."
should read
"First, the signer may not wish to reveal key information
to all document processing parties"
, because a _verifier_ must have access to the key information. The
intent is to disclose this information from all those who only work
with the data without doing a validation/verification.
-----------------------
In section 2.2, example line [p12]:
Is: <SignatureProperties ID="...
Should be: <SignatureProperties Id="...
(See section 5.2, Schema of SignatureProperties)
-----------------------
In section 2.2, explanation of example [p04]
Is: "In particular, [...] Object, SignatureProperties, or
Should be: "In particular, [...] Object, SignatureProperty, or
(See end of section 4.3.3, example values for "Type" attribute)
Related to this definition, another problem occurs. The 3rd "Type"
example in 4.3.3 refers to
"Type="http://www.w3.org/2000/01/xmldsig#SignatureProperty"",
although the referred ID is a Properties element within an Object
and not a Property within a Properties element.
Suggestion:
It would be clearer to substitute all occurrences of
http://www.w3.org/2000/02/xmldsig#SignatureProperty
by
http://www.w3.org/2000/02/xmldsig#SignatureProperties
and leave the above sentence in its current version.
-----------------------
In section 3.2.1 "Reference Validation", item 3.:
Is: "Compare the generated digest value against
DigestValue in SignedInfo;"
Should be: "Compare the generated digest value against
DigestValue in Reference;"
(Because DigestValue is child of Reference, and Reference is child of
SignedInfo.)
-----------------------
In section 4.3.3 first paragraph, 3rd sentence, it would be clearer
to include a "(URI)" comment:
Suggestion: "The identification (URI) and transforms describe ..."
                                ^^^^^
----
In section 4.3.3 second paragraph, maybe it would be clearer to
say ("should" added and "null" moved) :
Is: "We RECOMMEND they be able to dereference
null URIs and URIs in the HTTP scheme."
Suggested: "We RECOMMEND they should be able to dereference
URIs and null URIs in the HTTP scheme."
----
In section 4.3.3 third paragraph, there are two "the" words:
"XML Signature applications MUST support the the XPointer"
                                             ^^^
-----------------------
At the end of section 4.3.3, namespace of example values for "Type"
attribute:
Is: Type="http://www.w3.org/2000/01/xmldsig
Should be: Type="http://www.w3.org/2000/02/xmldsig
-----------------------
Section 4.4: DTD of <KeyInfo>: Substitute "*" by "+"
Is:
<!ELEMENT KeyInfo ((KeyName | KeyValue | RetrievalMethod |
X509Data | PGPData | MgmtData)*) >
Should be:
<!ELEMENT KeyInfo ((KeyName | KeyValue | RetrievalMethod |
X509Data | PGPData | MgmtData)+) >
See the Schema:
<element name='KeyInfo'>
<type content='elementOnly'>
<group order='choice' minOccurs='1' maxOccurs='*'>...</group>
                                 ^
-----------------------
Section 4.4: Schema of MgmtData not present, DTD is present.
-----------------------
Section 4.5: third paragraph:
Is:
<p>The <code>Object</code>'s <code>ID</code> is
Should be:
<p>The <code>Object</code>'s <code>Id</code> is
                                    ^
-----------------------
Section 5.2: DTD of <SignatureProperties>: Substitute "*" by "+"
Is:
<!ELEMENT SignatureProperties (SignatureProperty*) >
Should be:
<!ELEMENT SignatureProperties (SignatureProperty+) >
See also schema:
<element name='SignatureProperties'>
<type content='elementOnly'>
<element ref='ds:SignatureProperty' minOccurs='1' maxOccurs='*'/>
-----------------------
Section 5.4: Literature reference is wrong:
Is:
the Canonical XML [<a href="#ref-XML-c14n">XML-canonicalization</a>], is
...
Should be:
the Canonical XML [<a href="#ref-XML-c14n">XML-c14n</a>], is ...
-----------------------
I hope the comments are ok ;-)
Regards, Christian
Received on Thursday, 2 March 2000 16:17:31 UTC
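
The section 3.2.1 correction above (DigestValue is a child of Reference, not of SignedInfo), as an added example that is not part of the original message or of the specification: each Reference is checked against its own DigestValue. Assumptions: the SignedInfo fragment and payloads are constructed and trimmed to the elements under discussion, SHA-1 is taken as the digest algorithm, and the `resolver` dictionary is a hypothetical stand-in for URI dereferencing and Transforms.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Namespace as quoted in the message (the 2000/02 draft).
DS = "http://www.w3.org/2000/02/xmldsig#"
NS = {"ds": DS}


def b64_sha1(data: bytes) -> str:
    """Base64 of the SHA-1 digest (SHA-1 is an assumption of this example)."""
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")


def validate_references(signed_info_xml: str, resolver: dict) -> dict:
    """Return {URI: True/False} for every Reference in SignedInfo."""
    signed_info = ET.fromstring(signed_info_xml)
    results = {}
    for ref in signed_info.findall("ds:Reference", NS):
        uri = ref.get("URI")
        # DigestValue is looked up relative to this Reference element.
        expected = ref.findtext("ds:DigestValue", default="", namespaces=NS).strip()
        data = resolver.get(uri)  # None means the URI could not be dereferenced
        results[uri] = data is not None and b64_sha1(data) == expected
    return results


def direct_digest_children(signed_info_xml: str) -> int:
    """Count DigestValue elements that are direct children of SignedInfo."""
    return len(ET.fromstring(signed_info_xml).findall("ds:DigestValue", NS))


# Constructed sample payloads and SignedInfo fragment.
DOC_A = b"constructed sample payload A"
DOC_B = b"constructed sample payload B"
SIGNED_INFO = f"""<SignedInfo xmlns="{DS}">
  <Reference URI="http://example.org/a">
    <DigestValue>{b64_sha1(DOC_A)}</DigestValue>
  </Reference>
  <Reference URI="http://example.org/b">
    <DigestValue>{b64_sha1(DOC_B)}</DigestValue>
  </Reference>
</SignedInfo>"""

if __name__ == "__main__":
    tampered = {"http://example.org/a": DOC_A, "http://example.org/b": DOC_B + b"!"}
    print(validate_references(SIGNED_INFO, tampered))
    print(direct_digest_children(SIGNED_INFO))
```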