- From: Gregor Karlinger <gregor.karlinger@iaik.at>
- Date: Mon, 27 Mar 2000 12:46:19 +0200
- To: "Joseph M. Reagle Jr." <reagle@w3.org>, "John Boyer" <jboyer@PureEdge.com>
- Cc: <w3c-ietf-xmldsig@w3.org>
> In the SignatureValue example I might be confused (these small screens at > the IETF make it hard for me to think <smile>) but why eliminate > DigestValue? That element type is reserved for the reference digests, > which do not change during actual signature generation. The digest value > of the SignedInfo does change, but that is not explicitly represented so > it need not be eliminated. The result of applying the list of transforms are the characters which the digest generation should be performed on. Therefore at least the DigestValue of the Reference currently worked on is not known at this time. So you have to omit this DigestValue element. I agree that there is no need to omit all the Reference's DigestValue field as the example suggests. But maybe this gets clearer as the underlying XML instance is added to the example. > Also, eliminating KeyInfo (and any > objects) seems odd. This is at the signers option, but if I were signing > the Signature, I'd want to sign that info as well. I agree, eliminating KeyInfo in the example is confusing. There is no urgent reason for that. The signer should be able to decide that. Regards, Gregor --------------------------------------------------------------- Gregor Karlinger mailto://gregor.karlinger@iaik.at http://www.iaik.at Phone +43 316 873 5541 Institute for Applied Information Processing and Communications Austria ---------------------------------------------------------------
Received on Monday, 27 March 2000 05:47:45 UTC