Re: Countersignature capabilities in the current draft

At 17:14 11/15/2000 +0000, Juan Carlos Cruellas wrote:
>1. Would it be correct to assume that  a <SignatureProperty> could
>contain this kind of information, ie, other <Signature> element? My view
>is that taking into account what is said in the draft ("Additional
>information items concening the generation of the signature(s) can be 
>placed in a
>SignatureProperty element" in section 5.2), it would be OK.

The way I think about SignatureProperty is that it's an assertion about the 
Signature (an implicit RDF:about), so this sounds ok to me. However, this 
isn't explicit really and my preference is if people cleanly define their 
own semantics. So you could place this in an object, reference the first 
signature and it gives you integrity, if you want to mean something else, 
you could include that semantic (using the <CounterSignature> that Merlin 
suggested [1] (though it should be namespace qualified).)


[1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000OctDec/0140.html.

>2. Assuming that in XML this kind of behaviour should be allowed, what the
>second <Signature> would sign is the <SignatureValue> element of the first
><Signature> element. So, a <Reference> to this <SignatureValue> should appear
>within the second <Signature>, but NO Id attribute has been specified for the
><SignatureValue> element, so it seems not possible to reference it unless a
>redefinition of the <SignatureValue> element is made.

I will add an ID to that element.


__
Joseph Reagle Jr.
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/

Received on Monday, 20 November 2000 10:49:49 UTC