- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Tue, 14 Aug 2001 15:15:54 +0300
- To: "Dsig (E-mail)" <w3c-ietf-xmldsig@w3.org>
Hi, At section 2.0 there's a simplified overview of DSIG structure: <Signature> <SignedInfo> (CanonicalizationMethod) (SignatureMethod) (<Reference (URI=)? > (Transforms)? (DigestMethod) (DigestValue) </Reference>)+ </SignedInfo> (SignatureValue) (KeyInfo)? (Object)* </Signature> I think this text is pretty old, definitely before I first looked at the draft. So I have some questions, and please excuse me if this was discussed already (probably long ago) on the list: 1. Is this a common format? 2. Is there a reason that some tags are given as tags, e.g. SignedInfo, while others are without the brackets, e.g. SignatureValue? 3. Is there a reason that some mandatory elements are in parenthesis, e.g. CanonicalizationMethod, while others are not, e.g. SignedInfo? 4. Is it correct that when a parenthesis is closed without "?", "+" or "*", then the element should appear exactly once? If so, it may be clearer to use a sign for `appear exactly once`, e.g. the numeral 1. Or better yet simply not put such element in parenthesis. Just in case all the above points are simply minor mistakes, here's a potential new text: <Signature> <SignedInfo> <CanonicalizationMethod> <SignatureMethod> (<Reference (URI=)? > (<Transforms>)? <DigestMethod> <DigestValue> </Reference>)+ </SignedInfo> <SignatureValue> (<KeyInfo>)? (<Object>)* </Signature> Best regards, Amir Herzberg CTO, NewGenPay Inc. http://www.newgenpay.com/Amir/Herzberg.htm SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il
Received on Tuesday, 14 August 2001 08:16:26 UTC