- From: Joseph Reagle <reagle@w3.org>
- Date: Fri, 10 Jan 2003 13:16:45 -0500
- To: Rich Salz <rsalz@datapower.com>, Marc Hadley <marc.hadley@sun.com>
- Cc: w3c-ietf-xmldsig@w3.org
[Continuing to trim the headers as the discusison gets more specific.] On Friday 10 January 2003 12:40, Rich Salz wrote: > > Sorry for the confusion, I meant specify a transform and assign it a > > URI. Then assign another URI to the combination of the transform > > specified and exclusive canonicalization as a 'new' canonicalization > > algorithm. I feel like I understand Marc, but I'm not following you Rich. > As it says, exclusive canonicalization is meant to address issues that > come up when a signed message is packaged/enveloped. Since the > SignedInfo element itself is subject to the same package/enveloping > issues, then one might want c14n-excl on the SignedInfo element. But > since you can't do arbitrary transforms, then each time you want to > mix-and-match, you have to define a new URI that represents that > combination. This is true. However I don't think any of the conditions in [1] apply to SignedInfo. So SOAP Message Canonicalization would never have to be used over a SignedInfo. [1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2003JanMar/att-0000/01-soap-c14n.html#N201 > Ugh. Kiss interop goodbye. Even if SOAP Message Canonicalization needed to be used against SignedInfo, then that argues for a single URI. But I don't see how that affects interop. -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Friday, 10 January 2003 13:16:48 UTC