- From: Thomas Maslen <maslen@dstc.edu.au>
- Date: Thu, 20 Jul 2000 20:12:05 +1000
- To: w3c-ietf-xmldsig@w3.org
- Cc: Brian LaMacchia <bal@microsoft.com>, "'Joseph M. Reagle Jr.'" <reagle@w3.org>
Brian LaMacchia <bal@microsoft.com> wrote:
> You need to remove "(applied if this element is omitted)" because the
> element MUST be present. So I think it should now read:
>
> CanonicalizationMethod is a required element that specifies the
> canonicalization algorithm applied to the SignedInfo element prior to
> performing signature calculations. This element uses the general structure
> for algorithms described in section 6.1: Algorithm Identifiers and
> Implementation Requirements. The MANDATORY to implement canonicalization
> algorithm
> is Canonical XML [XML-C14N].
In similar vein, CanonicalizationMethod is treated as optional in a few
other places:
(1) In section 2.0, the overall structure is outlined:
<Signature>
<SignedInfo>
(CanonicalizationMethod)?
(SignatureMethod)
<Reference (URI=)? >
(Transforms)?
(DigestMethod)
(DigestValue)
(</Reference>)+
</SignedInfo>
(SignatureValue)
(KeyInfo)?
(Object)*
</Signature>
(2) In section 2.1, one annotation says:
[s03] The CanonicalizationMethod is the algorithm that is used to
canonicalize the SignedInfo element before it is digested as part
of the signature operation. In the absence of a
CanonicalizationMethod element, no canonicalization is done.
(3) The first step in section 3.1.2 says:
1. Create SignedInfo element with SignatureMethod,
CanonicalizationMethod if required, and Reference(s).
Thomas Maslen
maslen@pobox.com
Received on Thursday, 20 July 2000 06:12:12 UTC