- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 01 Feb 2001 15:57:15 -0500
- To: Mike Wray <mjw@hplb.hpl.hp.com>
- Cc: xml-encryption@w3.org
At 12:11 2/1/2001 -0500, Mike Wray wrote:
>Anyway, if we want to support the general case it looks like we
>need to add extra information to indicate what signing/encryption operation
>(or other transform) has been applied to a document. In general, if
>we start with X0 and generate a sequence X1, X2, ...., Xn by composing
>operations, we need to add enough information to recover X(i-1) from Xi
>for 1<=i<=n.
This sort of thing has been hinted at before:
> 6. Encryption and Signatures
> C. Capture the order of processing:
> A. ...
> B. A separate XML structure contains a stack of
> processing (signing/encrypting) steps; you can't
> insert this as attributes directly.into the XML as
> it would then break signatures. {[110]List:
> [111]Hallam-Baker/Reagle}
> C. ...
>http://www.w3.org/Encryption/2001/01/23-xml-encryption-req.html#req-Signatures
To see how this idea measures up, it'd be good to see an actual example.
__
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 1 February 2001 15:58:23 UTC