- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 25 Jun 2001 14:51:08 -0400
- To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
- Cc: w3c-ietf-xmldsig@w3.org, Brian LaMacchia <bal@microsoft.com>
[
$Revision: 1.87 $ on $Date: 2001/06/25 18:50:34 $
http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html
]
At 22:52 6/24/2001, Donald E. Eastlake 3rd wrote:
>Section 4.3.1: one occurance of "CanonicalizationMethod" has the
></code> before, instead of after, the last letter.
Fixed.
>Section 4.3.3.2: In both the DTD and Schema, the "stylesheet" element
>should occur in addition to the "XPath" element.
I think you mean 4.3.3.4? We dropped the XLST element, <stylesheet> can be
included by the app.
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001AprJun/0025.html
>Section 4.4: The first three in the list of Type URIs is missing the
>colon (":") after the "http".
Fixed.
>Maybe I'm just missing something but why, in 4.4.3, does it say that
>keying information obtained by a RetrievalMethod "may need to be
>canonicalized"? Even if the KeyInfo is signed, the signature is over
>the RetrievalMethod element and content, not over what is retrieved,
>right?
I think this is because you "may" sign the data obtained by RetrievalMethod.
>Section 4.4.5: Seems a bit odd in just saying that PGPKeyID is a
>string. Actually, I belive, PGPKeyID's are 8 octet binary quantities
>so it would seem like it should say they are Base64 encoded...
I'm not sure. Brian?
>Section 7.3: At the end, the last points two numbered don't seem
>connected to the rest of the text. Suggest preceeding them with "To
>avoid these problems, applications may need to:" or the like.
Done.
--
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Monday, 25 June 2001 14:56:36 UTC