[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
All,
> -----Original Message-----
> From: jmessing [mailto:jmessing@law-on-line.com]
> Sent: Saturday, March 29, 2003 9:37 PM
> To: Rich Salz; Trevor Perrin
> Cc: dss@lists.oasis-open.org
> Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
>
>
> As I understand it, Rich Salz just did an XML-DSIG interop
> report for the W3C XML-DSIG list. Perhaps Rich can enlighten
> us whether he agrees with this suggested resolution.
> Personally, I have doubts. Either XML-DSIG works as intended
> with transforms, cannonicalization and signatures, or, as has
> been suggested, there may be problems in the implementations.
> If we have to worry about white spaces and line feed/carriage
> returns creeping back in for verifications, such that "what
> was seen was signed" may or may not be reconstructible and
> verifiable, then can we simply treat it as an XML-DSIG issue
> and move on?
I *stronly* agree with John; if XMLDSIG transforms produce different
results in different implementations, this is an XMLDSIG interop
problem.
/Gregor
>
>
> >Anyways, I just worry that this is more a general XML-DSIG
> issue than a
> >DSS
> >issue, and so we shouldn't expend too much effort trying to
> solve it,
> >unless we can do it very simply.
> >
> >> > In addition to the fact that not all
> >> > transforms will even *BE* signable
> >>
> >>Hunh? How so? Are you saying the stylesheet is private?
> >> /r$
> >
> >A transform (according to XML-DSIG 4.3.3.4) could be just about any
> >algorithm, it doesn't have to be XSLT. The approach I
> suggested would work
> >with any transform, not just those that are representable in
> XML like XSLT.
> >
> >Trevor
> >
> >
>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]