- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Wed, 04 Oct 2000 10:31:01 -0400
- To: TAMURA Kent <kent@trl.ibm.co.jp>
- Cc: w3c-ietf-xmldsig@w3.org
At 14:40 10/4/2000 +0900, TAMURA Kent wrote: > > Author creates signature that includes a reference to KeyInfo element > (and > > consequently it is signed). This KeyInfo contains a RetrievalMethod with > a > > relative URL; KeyInfo is canonicalized using an algorithm that resolved > URLs > > (since the Signature Reference is an XPointer barename to it). > >It is very strange... >What would happen if a KeyInfo element was pointed from two >Reference elements and they had different Transforms? Yes, I goofed in my scenario, I'll try again: Author creates signature that includes a reference to KeyInfo element (it is signed) in a separate document via a relative URL. The CanonicalizationMethod absolutizes the URI via some arbitrary method. (Also, the SignatureMethod could be changed in some way too). The thing that's necessary is that the applications validate that which was signed. So in section 3.2.2 the only thing that the applications deals with is the KeyInfo (and while it need not be signed, if it is we should protect it appropriately) and the SignatureMethod. If either of these could've been altered by the CanonicalizationMethod, then the canonicalization step in validation should correspond to the canonicalization in generation in 3.1.2.2. Does that make sense? I know the screw case I'm trying to cover is probably very unlikely (some URIs being altered), but given the recent discussion on URIs, I'm trying to capture a completeness/symmetry... __ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Wednesday, 4 October 2000 10:31:08 UTC