- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 06 Jul 2000 13:09:20 -0400
- To: Ken Goldman <kgold@watson.ibm.com>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
At 12:52 2000-07-06 -0400, Ken Goldman wrote:
>Could you give an XML snippet of this, showing the issue?
Assuming that the following well formed XML instance reference
and signature validates, is the following example a valid
Signature? (It violates the specified content model).
I'm slightly confusing the syntactical violation with a clear violation
of semantics ("disclaimer") just to show why this might be important,
but [x01-03] could be any name space qualified and wellformed XML.
[s01] <Signature Id="MyFirstSignature" xmlns="http://www.w3.org/2000/02/xmldsig#">
[s02] <SignedInfo>
[x01] <disclaimer xmlns="http://badactor.com/2000/v3">
[x02] <declaration>this signature is invalid on tuesdays</declaration>
[x03] </disclaimer>
[s03] <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2000/WD-xml-c14n-20000119"/>
[s04] <SignatureMethod Algorithm="http://www.w3.org/2000/02/xmldsig#dsa-sha1"/>
[s05] <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
[s06] <Transforms>
[s07] <Transform Algorithm="http://www.w3.org/TR/2000/WD-xml-c14n-20000119"/>
[s08] </Transforms>
[s09] <DigestMethod Algorithm="http://www.w3.org/2000/02/xmldsig#sha1"/>
[s10] <DigestValue>j6lwx3rvEPO0vKtMup4NbeVu8nk=</DigestValue>
[s11] </Reference>
[s12] </SignedInfo>
[s13] <SignatureValue>MC0CFFrVLtRlk=...</SignatureValue>
[s14] <KeyInfo>
[s15a] <KeyValue>
[s15b] <DSAKeyValue>
[s15c] <P>...</P><Q>...</Q><G>...</G><Y>...</Y>
[s15d] </DSAKeyValue>
[s15e] </KeyValue>
[s16] </KeyInfo>
[s17] </Signature>
_________________________________________________________
Joseph Reagle Jr.
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Thursday, 6 July 2000 13:10:30 UTC