dss message

Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded

From: Trevor Perrin <trevp@trevp.net>
To: Nick Pope <pope@secstan.com>, dss@lists.oasis-open.org
Date: Tue, 25 Mar 2003 13:27:08 -0800

At 12:42 PM 3/25/2003 -0800, Trevor Perrin wrote:

>At 12:37 PM 3/25/2003 -0800, Trevor Perrin wrote:
>
>>Right, but then I think you need to sign both the XML *and* the 
>>transformed, human-readable form.
>
>For example, an XML-DSIG could have 2 references, both to the same 
>document, one of which applies a transform to make it human-readable, the 
>other of which doesn't.
>
>So the transforms (in this and other cases) still might need to be protected.



Actually, never mind.  As long as you've signed the transformed data, the 
transforms *don't* need to be protected, cause if the relying party gets 
corrupted transforms, the signature won't verify.  So isn't this all that 
needs to be done?:

>an XML-DSIG could have 2 references, both to the same document, one of 
>which applies a transform to make it human-readable, the other of which 
>doesn't.

Trevor

Follow-Ups:
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: "Gregor Karlinger" <gregor.karlinger@cio.gv.at>
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: "Nick Pope" <pope@secstan.com>

References:
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: Trevor Perrin <trevp@trevp.net>
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: "Nick Pope" <pope@secstan.com>
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: Trevor Perrin <trevp@trevp.net>
- RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
  - From: Trevor Perrin <trevp@trevp.net>