
RE: 3.2.1 Reference Validation - Section has been confused with Signature Validation

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 05 Jun 2001 17:37:36 -0400
Message-Id: <4.3.2.7.2.20010605173515.00b54d20@localhost>
To: Jared Jonas <JJonas@iLumin.com>
Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
[An excerpt back on list since I'm proposing an editorial change to the spec.]

At 11:29 6/5/2001, Jared Jonas wrote:
>Reference validation includes canonicalization of SignedInfo and Reference 
>generation makes no mention of canonicalization.

That's true, I can see how that asymmetry can be confusing. Consequently, I 
propose a parenthetical sentence to Reference Generation (3.1.1.3):

3.1.1 Reference Generation
For each data object being signed:

1. Apply the Transforms, as determined by the application, to the data object.

2. Calculate the digest value over the resulting data object.

3. Create a Reference element, including the (optional) identification of 
the data object, any (optional) transform elements, the digest algorithm and 
the DigestValue. /+(Note, it is the canonical form of these references that 
are signed in 3.1.2 and validated in 3.2.1.)+/

--
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Tuesday, 5 June 2001 17:37:49 UTC
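
The three Reference Generation steps and the canonical SignedInfo octets mentioned in the proposed note, as an added example that is not part of the original message or of the specification. It assumes Python's `xml.etree.ElementTree.canonicalize` (C14N 2.0) as both the transform and the SignedInfo canonicalization, and SHA-256 as the digest; the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
C14N2 = "http://www.w3.org/2010/xml-c14n2"  # the algorithm ET.canonicalize implements
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"


def digest_of(data_xml):
    """Steps 1-2: apply the transform (assumed: C14N 2.0), then digest the result."""
    transformed = ET.canonicalize(data_xml).encode("utf-8")
    return base64.b64encode(hashlib.sha256(transformed).digest()).decode("ascii")


def make_reference(uri, data_xml):
    """Step 3: build the Reference with identification, transform, digest method, value."""
    ref = ET.Element(f"{{{DSIG}}}Reference", {"URI": uri})
    transforms = ET.SubElement(ref, f"{{{DSIG}}}Transforms")
    ET.SubElement(transforms, f"{{{DSIG}}}Transform", {"Algorithm": C14N2})
    ET.SubElement(ref, f"{{{DSIG}}}DigestMethod", {"Algorithm": SHA256})
    ET.SubElement(ref, f"{{{DSIG}}}DigestValue").text = digest_of(data_xml)
    return ref


def signed_info_octets(references):
    """Canonical form of SignedInfo: the octets a signer signs (3.1.2) and a
    verifier must re-derive from the received document (3.2.1).
    SignatureMethod is omitted to keep the sketch short."""
    si = ET.Element(f"{{{DSIG}}}SignedInfo")
    ET.SubElement(si, f"{{{DSIG}}}CanonicalizationMethod", {"Algorithm": C14N2})
    si.extend(references)
    return ET.canonicalize(ET.tostring(si, encoding="unicode")).encode("utf-8")


# Constructed sample data object, and the same object serialized differently.
SAMPLE = '<doc b="2" a="1"><item/></doc>'
SAMPLE_RESERIALIZED = '<doc a="1"   b="2"><item></item></doc>'
```

A verifier that hashes or checks the Reference elements as received, rather than their canonical form, will reject documents that were merely re-serialized in transit.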
