- From: Richard D. Brown <rdbrown@GlobeSet.com>
- Date: Fri, 30 Apr 1999 13:31:12 -0500
- To: "'Phillip M Hallam-Baker'" <pbaker@verisign.com>, <dee3@us.ibm.com>, "'XML-DSig Workshop'" <w3c-xml-sig-ws@w3.org>
Phill, Sorry, but I do not get your point, unless your refer to the mandatory attributes for a detached-signature (content-type, and digest-value). Sincerely, Richard D. Brown > -----Original Message----- > From: w3c-xml-sig-ws-request@w3.org > [mailto:w3c-xml-sig-ws-request@w3.org]On Behalf Of Phillip M > Hallam-Baker > Sent: Friday, April 30, 1999 10:37 AM > To: rdbrown@GlobeSet.com; dee3@us.ibm.com; 'XML-DSig Workshop' > Subject: RE: Example of XML-DSIG and CMS > > > > > This simple approach should work, but, as you have mentioned in your > > previous email, there will be a lot of redundant pieces of > information > > between the Manifest and the encoded CMS blob. Also, I > think we should > > mandate that the CMS blob SHALL NOT contain any > authenticated attribute. > > Also, if we were to consider "crypto-engines", none SHALL be made > > mandatory. > > The whole point of using CMS is to use the authenticated attributes. > > Without authenticated attributes the CMS wrapping arround the .sig > is pure wasted bytes. > > > Phill >
Received on Friday, 30 April 1999 14:31:29 UTC