- From: Brian LaMacchia <bal@exchange.microsoft.com>
- Date: Fri, 31 Oct 2003 14:49:49 -0800
- To: "John Boyer" <JBoyer@PureEdge.com>, <AndrewWatt2001@aol.com>, <jmessing@law-on-line.com>
- Cc: <www-forms@w3.org>, <XForms@yahoogroups.com>, <w3c-ietf-xmldsig@w3.org>
Hi John, John and Andrew, I just wanted to take a moment to clarify how InfoPath supports the W3C XML Signature standard (XMLDSIG). InfoPath uses XMLDSIG to secure the XML data created by a user via an InfoPath form. Any change to the XML data occurring after the InfoPath form has been digitally signed will invalidate the digital signature, which will be detected by InfoPath when InfoPath attempts to load or otherwise consume the data. XMLDSIG digital signatures are most commonly used to ascertain that the XML data underlying the InfoPath form has not been altered since the form was originally signed. Applications that attach semantic meanings to digital signatures, which InfoPath does not currently support, relate to making a signed statement about the data that was presented to the user, how it was presented, and/or whether there were any semantic implications to the user making the signature. In these cases, the presentation of the form itself to the signer needs to be secured along with the data supplied by the signer to the form. As the XMLDSIG specification states in its introduction: "XMLDSIG is a method of associating a key with referenced data; it does not normatively specify...the meaning of the data being referenced and signed." Such semantics may be built on top of XMLDSIG but that requires that additional semantic elements be defined on top of the core XMLDSIG syntax. Based on customer feedback, InfoPath will enable this additional digital signature functionality as a part of a web download expected to be made available in the first half of 2004. --Brian LaMacchia Microsoft
Received on Friday, 31 October 2003 17:54:01 UTC