[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded
Gregor, This is based on more general experience that the more different systems process data between signing and verification the less chance there is that the signature will verify. I recognise the solution to this issue is outside the scope of DSS as mentioned in the discussions over the weekend. I personally believe, however, that rather than apply the signature to the transformed data it would be better to sign the original XML and the style sheet. Nick > -----Original Message----- > From: Gregor Karlinger [mailto:gregor.karlinger@cio.gv.at] > Sent: 31 March 2003 08:25 > To: 'Nick Pope'; 'Trevor Perrin'; karel.wouters@esat.kuleuven.ac.be; > dss@lists.oasis-open.org > Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded > > > Nick, > > > > -----Original Message----- > > From: Nick Pope [mailto:pope@secstan.com] > > Sent: Friday, March 28, 2003 1:08 PM > > To: Trevor Perrin; karel.wouters@esat.kuleuven.ac.be; > > dss@lists.oasis-open.org > > Subject: RE: [dss] Groups - dss-requirements-1.0-draft-02.doc uploaded > > > > > > Trevor, > > > > My concern with the signing of the data after an XSLT > > transform has been > > applied is that the chances of two independent > > implementations of XSLT to > > get exactly the same byte-by-byte value for all possible > > styles is fairly > > low, event though they will look the same. > > If this really happens, we have an interop problems between different > implementations of XMLDSIG. > > Have you already experienced such problems? > > /Gregor >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]