[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: In reply to: Reference element in page 23 of CPP/A Spec
Himagiri Mukkamala wrote: >1) Reference element for ProcessSpecification specifies Digest method as > >http://ww.w3.org/2000/09/xmldsig#dsa-sha1. > >XMLDSIG spec has only one digest algorithm mentioned and that is > >http://ww.w3.org/2000/09/xmldsig#sha1 I think we should specify the latter algorithm (except "www" instead of "ww"). I'll record the issue. >2) Wouldn't we need the whole "Signature" element instead of just >the reference element for the ProcessSpecification so that >it can be verified No, the ds:Reference element contains sufficient information to verify the referenced process specification document. Sections 7.5.4 and 8.7 contain several passages on the the use of ds:Reference elements in relation to ds:Signature elements, including the following from Section 7.5.4.5: NOTE: It is recognized that the XML Digital Signature specification[XMLDSIG] provides for signing an XML document together with externally referenced documents. In cases where a CPP or CPA document is in fact suitably signed, that facility could also be used to ensure that the referenced Process-Specification documents are unchanged. However, this specification does not currently mandate that a CPP or CPA be signed. >-h Tony _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC