- From: Kevin Regan <kevinr@valicert.com>
- Date: Mon, 24 Jul 2000 10:35:53 -0700 (PDT)
- To: TAMURA Kent <kent@trl.ibm.co.jp>
- Cc: w3c-ietf-xmldsig@w3.org, Merlin Hughes <merlin@baltimore.ie>
Isn't the Id attribute for Signature optional? In this case, I don't think that it can be used as a general way of identifying the Signature node from within the spec (although applications may set an Id for the Signature node and use it in other ways). --Kevin On Sun, 23 Jul 2000, TAMURA Kent wrote: > > In message "XMLDSIG proposal: enveloped signatures, xpath and here()" > on 00/07/17, Merlin Hughes <merlin@baltimore.ie> writes: > > After implementing the transforms from WD-xmldsig-core-20000711 > > I have been left with some conceptual troubles over the > > specification of the enveloped signature and XPath transforms; > > and, in particular, here(). > > These troubles are the same as I wrote in the following mail: > > Date: Mon, 3 Jul 2000 14:16:06 +0900 > > From: TAMURA Kent <kent@trl.ibm.co.jp> > > To: w3c-ietf-xmldsig@w3.org > > Subject: Transform I/O is a sequence of octets > > > In message "XMLDSIG proposal: enveloped signatures, xpath and here()" > on 00/07/17, Merlin Hughes <merlin@baltimore.ie> writes: > > If the latter, then why not eliminate the here() > > function and replace it with an XPath variable that > > corresponds to the Id of the Signature. > > > > The resulting XPath definition of the enveloped signature > > transform would be: > > > > <XPath xmlns:dsig="&dsig;"> > > (//. | //@* | //namespace::*) > > > [not(ancestor-or-self::dsig:Signature[attribute::Id=$signature-id])] > > </XPath> > > I prefer this proposal. This is simpler and easier to implement > than here(). > > -- > TAMURA Kent @ Tokyo Research Laboratory, IBM >
Received on Monday, 24 July 2000 13:36:07 UTC