- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 27 Mar 2000 03:17:15 -0500 (EST)
- To: John Boyer <jboyer@PureEdge.com>
- cc: w3c-ietf-xmldsig@w3.org
[woops, didn't finish] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JanMar/att-0250/01-transforms2.htm It would probably be useful to show the example in 6.6.3.4 in the context of the transform and Xpath element. >SignatureValue and KeyInfo child elements and the and the DigestValu (typo) In the SignatureValue example I might be confused (these small screens at the IETF make it hard for me to think <smile>) but why eliminate DigestValue? That element type is reserved for the reference digests, which do not change during actual signature generation. The digest value of the SignedInfo does change, but that is not explicitly represented so it need not be eliminated. Also, eliminating KeyInfo (and any objects) seems odd. This is at the signers option, but if I were signing the Signature, I'd want to sign that info as well. Also, would it be better to set the context node to the the closest ancestor Signature element (instead of at the document root)? A good way to test that Xpath expression would be to match it up to a variant of Ed's killer example (make one of the examples enveloped) <smile> http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JanMar/0226.html
Received on Monday, 27 March 2000 03:17:16 UTC