- From: Dournaee, Blake <bdournaee@rsasecurity.com>
- Date: Wed, 25 Jul 2001 13:46:39 -0700
- To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>
- Cc: "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org>
Hello All, There is something that I have been pondering about XML Signatures. Specifically, the current Candidate Rec allows for the use of Canonical XML as a transform in the "transformation pipeline" above and beyond the use of C14N to convert any node-set to octets. Consider this Argument: 1. If a Reference is to be processed as "XML" (node-set), it will be canonicalized implicitly when the node-set is converted to octets at the end of the transformation pipeline. 2. If a Reference is to be processed as octets, canonicalization is meaningless, since we don't know what the file format is anyhow 3. C14N, when used as a part of the transformation pipeline is redundant. Is there some exception to my argument here? What is missing? Kind Regards, Blake Dournaee Toolkit Applications Engineer RSA Security "The only thing I know is that I know nothing" - Socrates
Received on Wednesday, 25 July 2001 16:47:29 UTC