[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] full schema for signing request
> - Document/Data is *always* base64 encoded, but it has a MimeType > attribute. I don't think we want to send unencoded XML data, because > there might be an ID collision? So can we just require base64 for all > input documents, and use "text/xml" to indicate XML? I'm fine with that. Once SOAP gets an official attachment mechanism, we don't have to do that. > - Each InputDocument has an ID, and SignedReference/@WhichInputDocument > is an IDREF > - Each InputDocument has a refURI and refType. The server will use > these to populate the dsig:Reference attributes > - Each SignedReference has a refID attribute. The server will use this > to populate the dsig:Reference attribute Those seem good. > - There's no flag to indicate "Envelope this". Can we assume the > server can determine this from InputDocument/refType? I.e., if the > refType is Object, SignatureProperties, or Manifest, then it's > enveloped, otherwise not? I don't have a problem with that, but this might be controversial for some. Nice job! /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]