[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
All, > -----Original Message----- > From: jmessing [mailto:jmessing@law-on-line.com] > Sent: Saturday, March 29, 2003 9:37 PM > To: Rich Salz; Trevor Perrin > Cc: dss@lists.oasis-open.org > Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded > > > As I understand it, Rich Salz just did an XML-DSIG interop > report for the W3C XML-DSIG list. Perhaps Rich can enlighten > us whether he agrees with this suggested resolution. > Personally, I have doubts. Either XML-DSIG works as intended > with transforms, cannonicalization and signatures, or, as has > been suggested, there may be problems in the implementations. > If we have to worry about white spaces and line feed/carriage > returns creeping back in for verifications, such that "what > was seen was signed" may or may not be reconstructible and > verifiable, then can we simply treat it as an XML-DSIG issue > and move on? I *stronly* agree with John; if XMLDSIG transforms produce different results in different implementations, this is an XMLDSIG interop problem. /Gregor > > > >Anyways, I just worry that this is more a general XML-DSIG > issue than a > >DSS > >issue, and so we shouldn't expend too much effort trying to > solve it, > >unless we can do it very simply. > > > >> > In addition to the fact that not all > >> > transforms will even *BE* signable > >> > >>Hunh? How so? Are you saying the stylesheet is private? > >> /r$ > > > >A transform (according to XML-DSIG 4.3.3.4) could be just about any > >algorithm, it doesn't have to be XSLT. The approach I > suggested would work > >with any transform, not just those that are representable in > XML like XSLT. > > > >Trevor > > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]