[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
At 12:42 PM 3/25/2003 -0800, Trevor Perrin wrote: >At 12:37 PM 3/25/2003 -0800, Trevor Perrin wrote: > >>Right, but then I think you need to sign both the XML *and* the >>transformed, human-readable form. > >For example, an XML-DSIG could have 2 references, both to the same >document, one of which applies a transform to make it human-readable, the >other of which doesn't. > >So the transforms (in this and other cases) still might need to be protected. Actually, never mind. As long as you've signed the transformed data, the transforms *don't* need to be protected, cause if the relying party gets corrupted transforms, the signature won't verify. So isn't this all that needs to be done?: >an XML-DSIG could have 2 references, both to the same document, one of >which applies a transform to make it human-readable, the other of which >doesn't. Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]