Re: Section 7.1 Re: Followup on I18N Last Call comments and disposition

At 12:36 8/11/2000 -0400, Donald E. Eastlake 3rd wrote:
 >"Note that items (2), (4), and (5C) depend on specific schema, DTD, or
 >similar declarations. In the general case, such declarations will not
 >be available to or used by the signature verifier, particularly for
 >non-signature XML, which may be in othr namespaces, in the same
 >document as the signature. Thus, a signature will only be verifiable
 >by such a non-validating signature implementations if the following
 >syntax contraints are observed when generating any signed material
 >including the SignedInfo element:

I took a stab at putting this in the context of laxly schema valid, are we
in agreement?

Note that items (2), (4), and (5C) depend on the presence of a schema, DTD
or similar declarations. The Signature element type is laxly schema valid
[XML-schema], consequently external XML or even XML within the same document
as the signature may be (only) well formed or from another namespace (where
permitted by the signature schema); the noted items may not be present.
Thus, a signature with such content will only be verifiable by other
signature applications if the following syntax contraints are observed when
generating any signed material including the SignedInfo element:

 >          1. Attributes having default values are explicitly present.
 >          2. All entity references (except "amp", "lt", "gt", "apos",
 >"quot", and other character entities not representable in the encoding
 >chosen) are expanded and non-representable characters are replaced by
 >their numeric character reference.
 >          3. Attribute value white space is normalized."

I believe 2 now satisfies Martin's original question.

_________________________________________________________
Joseph Reagle Jr.   
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/

Received on Friday, 11 August 2000 13:45:14 UTC