OASIS Mailing List Archives


Subject: Re: [dss] full schema for signing request, dss-proposal-rsalz-02.xsd


At 07:49 PM 9/18/2003 -0400, Rich Salz wrote:

> >   - should you send a value for dsig:Reference/@Type on each dss:Document?
>
>We could make it optional, since it's optional in the DSIG spec, sure.
>
> >   - should you include Transforms on each dss:Document, to indicate
> > transforms that have already been performed client-side?  These might be
> > hard to squeeze in a dss:Parameter later, so they should probably be
> > part of dss:Documents.
>
>That's an interesting idea.  If they're per-document, then it indicates
>the transforms have already happened, but if they're in the Parameters, they
>indicate what to do?

Yeah.  If you take a look at the schema I posted, it does the equivalent.


> >   - you include a value for the server to use as a dsig:Reference/@Id.  I
> > think this would be better as part of dss:Property, if it's necessary at
> > all, since this is part of the Reference, not the document.
>
>I was thinking that for "embed the sig in doc#3" kind of things, you'd
>need an Id.

Could you use an index for referring to the documents, instead of an 
ID?  Or is that less idiomatic?

>   Also, you want the client to be able to specify the ID
>because for things like ws-security, the server won't know all the ID
>attributes in the SOAP message, so it can't be sure of avoiding IDREF
>conflicts.

So you're using this for dsig:Reference/@Id, as well as for referring to 
the documents within the protocol itself?  I think these uses should be 
separated, since a single document might correspond to multiple 
dsig:Reference's.


Trevor 


