[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] Discussion on outstanding issues for the core.
At 10:50 PM 5/13/2004 +0200, Andreas Kuehne wrote: >Hi Trevor ! > >Shame on me, I missed to follow the list for some days ... > >Iirc we discussed it on the F2F shortly because someone thought that you >need DTD/schema for evaluating an XPath expression. What's definitely not >true ... You at least need some way to identify ID attributes, right? >Can you tell me, why we need to know anything about the DTD/schema of the >documents to be signed ? On signing, we don't need this, because the client sends the input documents and their URIs. On verifying, you can do things "old-style" and not need this, because then the client also sends the input documents and their URIs. However, in the latest draft, the client also has the option of not separating the input documents from signatures, in the cases of enveloped or enveloping signatures. If the client uses this option, the server will evaluate the barename XPointers to get to the input documents. So in this case we need to indicate DTDs. At least that's my understanding. Though I'm not really sure if a single DTD for the entire <SignRequest> is the correct way to do this, perhaps the DTDs need to be scoped more specifically just to the particular documents they apply to. Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]