RE: [dss] Compound operation Verify & Sign

[Trevor Perrin <trevp@trevp.net>]

At 06:28 PM 11/4/2003 +0000, Nick Pope wrote:

>Ed,
>
>Can I repeat that how the Options and Outputs elements are described is that
>they are structures specified in the Core but selected as required by
>profiles.
>
>As the specification is currently written, the Optional elements defined in
>the core are NOT required to be supported by all profiles.  The just provide
>generally useful components that can be used by profiles as appropriate.
>
>Whilst there may be different Options for the different type of update that
>is required for a signature, I still believe that it is worth defining in
>the common "core" specification, the syntax for a signature element that may
>be used by all the different profiles that produce an updated signature.  I
>agree how the server produces the signature and it's content is dependent on
>the profile, but if we define a common "bucket" into which updated
>signatures are handled the client does not need to be concerned about these
>details and use a common approach to handling the updated signature.

Currently, we have a <dss:Signature> element for returning 
signatures.  This can contain a signature (whether XML-DSIG or a binary 
format like PGP or CMS), or it can "point" to one (so that if the signature 
is being returned embedded in a signed document, the <dss:Signature> can 
just indicate it).

So I guess we could re-use this element for this bucket, something like:

<dss:UpdatedSignature>
   <dss:Signature>...</dss:Signature>
</dss:UpdatedSignature>

Would that work?

Trevor