- From: John Messing <jmessing@law-on-line.com>
- Date: Thu, 16 May 2002 21:09:37 -0700
- To: "Christian Geuer-Pollmann" <geuer-pollmann@nue.et-inf.uni-siegen.de>, "Tom Gindin" <tgindin@us.ibm.com>, "Ed Simon" <edsimon@xmlsec.com>
- Cc: "Roman Huditsch" <roman.huditsch@hico.com>, <w3c-ietf-xmldsig@w3.org>
Wouldn't you need to include the message digest of the file in the signed data as well and then sign the reference and the message digest as signed info? ----- Original Message ----- From: "Christian Geuer-Pollmann" <geuer-pollmann@nue.et-inf.uni-siegen.de> To: "Tom Gindin" <tgindin@us.ibm.com>; "Ed Simon" <edsimon@xmlsec.com> Cc: "Roman Huditsch" <roman.huditsch@hico.com>; <w3c-ietf-xmldsig@w3.org> Sent: Thursday, May 16, 2002 11:05 AM Subject: Re: newbie Question about PKCS#7 > > > --On Donnerstag, 16. Mai 2002 11:28 -0400 Tom Gindin <tgindin@us.ibm.com> > wrote: > > > IMHO, XML Signature is not "the new way of doing signatures". It's > > the new, and hopefully best, way of signing documents which include XML. > > Do you expect people to sign pure binary data using XML Signature rather > > than CMS? > > I would say XML Signature is a good way for creating digital signatures, > even detached signatures which create arbitrary binary content. Even if > there is no hint on what exactly IS the thing being signed, the signature > itself has rich semantics. But of course, XML Signature will have no great > future in environments where storage size or computing power are limited. > > > Maybe I'm confused about the standard, but I don't see a "Type" > > value for transparent binary data or a transform for it. Does a > > Reference with both Type and Transforms omitted mean binary? > > I would say yes. Signing a GIF or something similar is > > <Reference URI="1.gif" (or URI="protocol://host/1.gif"> > and no transforms. > > Other opinions? > > > Christian > >
Received on Friday, 17 May 2002 00:40:02 UTC