RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded

["Nick Pope" <pope@secstan.com>]

I agree with what you say.

I would welcome references to the papers on WYSIWYS that you mention.

Nick 

> -----Original Message-----
> From: karel.wouters@esat.kuleuven.ac.be
> [mailto:karel.wouters@esat.kuleuven.ac.be]
> Sent: 26 March 2003 12:12
> To: dss@lists.oasis-open.org
> Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
> 
> 
> Hi,  some thoughts that came up during a discussion with a 
> colleague:  consider this: User constructs an XML document and a 
> corresponding transformation that outputs an HTML version of the 
> XML. The transform embeds some code into the HTML such that the 
> representation of the HTML depends on the one who looks at the 
> HTML. (A verifier might see something completely different than 
> the signer.) The policy says something like "the signer agrees 
> with what he/she saw after the signed transformation was applied 
> to the signed XML"  In that case, we're in trouble, and even 
> signing the two representations won't solve the problem.  IMHO, 
> the XML and the transform should be signed, and the rest should 
> be left to be specified by people who adopt this standard. They 
> can specify their policies in an appropriate way. The extra 
> attribute with "this is what the user saw" might be a part of the 
> solution.  There exist some nice papers about the WISYWIS problem 
> wrt XML and if some TC members are interested, I would be happy 
> to look them up.  best regards,  Karel.  
> 
>