- From: Petteri Stenius <Petteri.Stenius@remtec.fi>
- Date: Thu, 23 Mar 2000 21:53:46 +0200
- To: "IETF/W3C XML-DSig WG (E-mail)" <w3c-ietf-xmldsig@w3.org>
- Cc: "'Martin J. Duerst'" <duerst@w3.org>
Yes, excluding the Signature or SignatureValue element (without using XPath) is the main concern with enveloped signatures. I believe it could benefit many if more transforms were added to the spec, a generic "exclusion by IDREF" algorithm would be enough to solve enveloped signatures. Petteri > -----Original Message----- > From: Martin J. Duerst [mailto:duerst@w3.org] > Sent: Thursday, March 23, 2000 5:11 AM > To: Petteri Stenius; IETF/W3C XML-DSig WG (E-mail) > Subject: Re: Enveloped signatures and XPath > > > At 00/03/22 19:39 +0200, Petteri Stenius wrote: > > > >The interop requirements doc reads: > > > >"Feature: Enveloped Signature MUST > > requires: XPath selector that drops SignatureValue" > > > > > >I remember there was some talk about this at the FTF meeting > in San Jose. It > >was discussed that it could be possible to detect this > particular XPath > >expression without implementing the entire XPath support. > > > >Has anyone worked out a (standard?) XPath expression for > excluding the > >Signature or SignatureValue element? > > If that's the main concern, it may even be possible to define > a transform that cuts out the SignatureValue element without > using XPath at all. > > > Regards, Martin. >
Received on Thursday, 23 March 2000 14:53:51 UTC