[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Signature Verification Output
Trevor, > -----Original Message----- > From: Trevor Perrin [mailto:trevp@trevp.net] > Sent: Monday, March 31, 2003 7:07 PM > To: dss@lists.oasis-open.org > Subject: [dss] Signature Verification Output > > > > One big remaining question: does the verification service just: > A) verify the signature (return true/false), or > B) return the transformed data, and other signature-related > info to the > client in an easy-to-read form > > The current requirements document says the latter (3.7.2 and > 3.7.3), but > that's tentative. Should those sections stay in or not? I think it is not necessary to return the transformed data in every case. Instead, the requester should be able to specify wheter he wants this additional information or not. However, I *strongly* believe that the ability to get back the transformed data is an important feature. Otherwise the client must process the transforms himself to find out about the actually signed data. This means that he needs C14N algs implementations, an XPath implementation, an XSLT imple- mentation, ... /Gregor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]