- From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
- Date: Thu, 17 Aug 2000 08:37:45 -0400
- To: Paul Hoffman / IMC <phoffman@imc.org>
- cc: <xml-names-editor@w3.org>, <www-xml-infoset-comments@w3.org>, "XML DSig" <w3c-ietf-xmldsig@w3.org>
Hi, From: Paul Hoffman / IMC <phoffman@imc.org> X-Sender: phoffman@mail.imc.org Message-Id: <p05000e01b5c0bcb2bfc2@[165.227.249.17]> In-Reply-To: <200008162045.QAA14245@torque.pothole.com> References: <200008162045.QAA14245@torque.pothole.com> Date: Wed, 16 Aug 2000 14:59:24 -0700 To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, "John Boyer" <jboyer@PureEdge.com> Cc: <xml-names-editor@w3.org>, <www-xml-infoset-comments@w3.org>, "XML DSig" <w3c-ietf-xmldsig@w3.org> >At 4:45 PM -0400 8/16/00, Donald E. Eastlake 3rd wrote: >> ><dsig:Reference xmlns:dsig="&dsig;" URI="#X" dsig:URI="#Y> >>>... >>> >>>If my implementation picks up URI and your implementation picks up dsig:URI, >>>then only one of us will correctly validate this beastly signature. >> >>While a bad state of affairs we should avoid, I would put 90%+ of the >>blame for such a non-interoperability on the software which generated >>the above Reference. > >DANGER, DANGER, WILL ROBINSON! This is exactly the attitude that got >X.509/PKIX into the sorry state it is in today. If you want >interoperability between signature creators and validators, you MUST >prevent any ambiguity about how to interpret abominations like the >above. I don't think any XML software I'm familiary with would generate the above from the schema/DTD we have. The URI attribute is a local attribute of the Reference element and to prefix it with a namespace is is really an error. >> >Below you state, "If the text documenting N and/or E doesn't tell you what >>>to do here, you get to toss a coin or something." Tossing a coin undermines >>>the interoperability that is supposedly the cornerstone of XML. The 'if' >>>part of your statement should not be true for any application of XML, and >>>therefore not for XML DSig in particular. >> >>Sure it shouldn't but I bet it is for most. > >Then why even continue with this work? IETF work is meant to assure XML Digital Signatures are sigantures using XML syntax which can sign anything. We can fix most things for XML Digital Signatures by constraining / defining its syntax and processing. But we can't fix the whole XML world. I've never seen any XML appliciation that defines what to do when you have duplicate local attribute names on an element distnguished by prefix. This lack is what I was talking about above and actually has little to do with the interoperability of XML Digital Signatures themselves, which we get to define. >interoperability, not just "look, we came up with another format for >an interesting type of data". This WG has the opportunity to make XML >digsigs very useful, but if you can't even get them more >interoperable than those in CMS or even PGP, they won't be very >popular, which would be sad. (I say this as someone who holds his >nose when I need to wade through ASN.1 but just wince when I have to >use XML.) Well, I don't really know just how much real world interoperability there will be. If people use lots of complex/proprietary algorithms (including transforms and canonicalization as well as crypto), there may be hardly any. While the design of XML is perfectly understandable, given its origins, it is pretty signatgure unfriendly. >--Paul Hoffman, Director >--Internet Mail Consortium Donald
Received on Thursday, 17 August 2000 08:35:03 UTC