- From: John Boyer <jboyer@uwi.com>
- Date: Thu, 1 Apr 1999 09:53:42 -0800
- To: "Dsig group" <w3c-xml-sig-ws@w3.org>
- Message-ID: <004b01be7c68$94c230b0$9ccbf4cc@kuratowski.uwi.bc.ca>
Hello all, Regardless of how an unparsed entity is indicated, a copy of the entity must be brought into the XML document. XFDL uses base 64 encoding to transform unparsable entities into character content for inclusion in the hash value. It is important to capture non-human-readable resources such as images in the hash as an essential part of capturing the context leading to a signature. The user does not see start tags, attributes, and character content. In a legal sense, a user who affixes a digital signature is authorizing that *what they are looking at* is correct. It is necessary to combine the input values given by the user with the questions asked, foreground and background colors, fontinfo, images, GUI object locations, etc. A repudiation argument could then include graphically rendering the hashed message. Here's an example. Suppose we didn't include images in the signature. This could be the image that tiles the background, the image of the company logo, the image that shows which credit card will be used, a drawing or picture of what is being negotiated, etc. Removing the image can directly alter the meaning of the transaction, and it is even possible to have indirect consequences. For example, not having the image could cause other objects whose positions are based on the image's bounding rectangle to change positions. This could alter the meaning of the agreement. If only a reference to the object is kept, then the object can never be moved. If it does, then changing the reference breaks the signature. John Boyer Software Development Manager UWI.Com -- The Internet Forms Company jboyer@uwi.com
Received on Thursday, 1 April 1999 12:49:05 UTC