- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 06 Jul 2000 11:48:41 -0400
- To: "Martin J. Duerst" <duerst@w3.org>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
At 11:30 2000-07-06 +0900, Martin J. Duerst wrote: >At 00/07/05 16:12 -0400, Joseph M. Reagle Jr. wrote: >>Consequently, if a Signature application encountered a Signature with >>external content (even if namespace qualified) in SignedInfo, that Signature >>should be invalid. It would only know it is invalid if it had the >>DTD/Schema, consequently, a schema validating parser is REQUIRED. Right? > >Couldn't you just use a well-formed parser, and throw an error >if you see an element or attribute that's not allowed? So it would be a well-formed parser with additional logic added to it that includes the semantics of the Signature DTD and schema constraints? What do you call this? Again, the question I'm trying to focus on, say you come across a Signature instance with some superflous XML content from an external namespace in SignedInfo, is the Signature invalid? _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Thursday, 6 July 2000 11:49:52 UTC