- From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
- Date: Thu, 18 Oct 2001 08:34:26 -0400
- To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- cc: w3c-ietf-xmldsig@w3.org
OK, I thought your question was more what type it was desireable to label Manifests with. Donald From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de> Date: Thu, 18 Oct 2001 09:41:33 +0200 In-reply-to: <200110180055.UAA0000059623@torque.pothole.com> To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com> Cc: w3c-ietf-xmldsig@w3.org Message-id: <2670713731.1003398093@pinkpanther> >Hi Donald, > >I understood that processing of Manifests or referenced References is up to >the implementation. I only wanted to hear about what other implementors do. >There could be multiple scenarios: > >- Only make core validation as described in the > spec (we don't follow Manifests) >- validate all referenced Manifests >- validate all referenced Manifests if they reside > in the same document where the Signature was >- validate all referenced Manifests and References >- validate all referenced Manifests and References > if they reside in the same document where the > Signature was >- validate all referenced Manifest till a given depth > (if a SignedInfo/Reference points to a Manifest > which points to a Manifest which points to a Manifest > which points to a Manifest, only go e.g. 2 leveles deep) > >You can extend this to an arbitrary amount of different "flavours" in >Signature validation processing rules. Basically, I see these: > >- validate everything regardless of the depth >- validate till a user-supplied depth. > >I know, this is application specific and that we don't mention it in the >spec. I only wanted to hear what other implementors did and/or what users >wish. > >Christian > >--On Mittwoch, 17. Oktober 2001 20:55 -0400 "Donald E. Eastlake 3rd" ><dee3@torque.pothole.com> wrote: > >> Hi, >> >> Whether to process Manifests, what to do if one or more items in the >> Manifest fails Reference validation, whether to chase down Manifests >> pointed to by Manifests, etc., is all application dependent. It would >> be reasonable, in my opinion, for an application to only process >> Manifests where the Reference has a Manifest type attribute, in which >> case you would need to generate signatures where the Reference URI >> points directly at the Manifest (rather than, say, an encompassing >> Object) and specify the Manifest type, if you want that Manifest >> checked. But applications are not required to behave in this way. >> >> Donald >> >> From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de> >> Date: Tue, 09 Oct 2001 19:12:45 +0200 >> To: w3c-ietf-xmldsig@w3.org >> Message-ID: <1927385181.1002654765@pinkpanther> >> >>> Hi all, >>> >>> The Type attribute of a ds:Reference can contain the Type of a Reference >>> like >>> >>> Type="http://www.w3.org/2000/09/xmldsig#Object" >>> >>> or >>> >>> Type="http://www.w3.org/2000/09/xmldsig#Manifest" >>> >>> . Does there exist a proposed processing model how verification is done >>> on that? From what I see, there exist two different ways: >>> >>> 1: I ignore this type information and do only core validation: >>> SignatureValue and the SignedInfo >>> >>> 2: I try to follow and verify all nested Manifests (if >>> Type="&ds;Manifest"). >>> >>> But what processing should happen if the Type is #Reference or #Object? >>> >>> Christian
Received on Thursday, 18 October 2001 08:36:38 UTC