- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 7 Feb 2002 17:47:34 -0500
- To: w3c-ietf-xmldsig@w3.org
- Cc: "John Boyer" <JBoyer@PureEdge.com>
John has done a great job of quickly putting together a new XPath Signature
filter spec. I've done some tweaks and posted it at [1]. Below I list some
of my tweaks that John (or anyone else) can push back on.
1. As we did for exc-c14n, I've assigned it a tenative namespace instead of
using the actual documents URI:
http://www.w3.org/2002/02/xmldsig-xpath
2. I added a schema and DTD for the instance syntax, and in the process
ended up moving from John's
<SignatureFilter FilterType="include" xmlns:dsig="&dsig;">
id("PrimaryBorrowerSig")
</SignatureFilter>
to
<XPath Filter="include"
xmlns="http://www.w3.org/2002/02/xmldsig-xpath-filter">
id("PrimaryBorrowerSig")
</XPath>
because the schema based on the original syntax had a FilterType attribute
in the SignatureFilterType complexType -- it started looking confusing.
Also, in the end I felt that using syntax similar to the existing XPath
transform, and just considering this 2.0 made things easier to understand
actually.
3. John originally had the "exclusive" be default. However, I wasn't sure
if this was supposed to be implicit processing behaviour (which we try to
avoid) or in the schema (we also try to avoid defaults there). So in the
interest of explicitness I made it required to specify.
Thoughts? (On these syntax issues, or implementation performance)
[1] http://www.w3.org/Signature/Drafts/xmldsig-transform-xpath.html
--
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 7 February 2002 17:47:38 UTC