[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [ebxml-msg] ds:Signature Algorithm
Well, we did, Chris. Did you also forget that you were supposed to provide a Transform XPath to exclude all actor=next? What do you think of mine? Will it work? David. -----Original Message----- From: Christopher Ferris [mailto:chris.ferris@sun.com] Sent: Wednesday, October 24, 2001 10:58 AM To: David Fischer Cc: Doug Bunting; ebXML Msg Subject: Re: [ebxml-msg] ds:Signature Algorithm I don't recall a decision to exclude all Signatures. Cheers, Chris David Fischer wrote: > Yes, I know, there are good cases for both separate signatures and for signing > over previous signatures. > > We decided to exclude all signatures two con calls ago when we could not figure > out how to add a signature without breaking a previous signature (how do you > know which signature to process first and then you must exclude the later > signatures when processing the earlier ones). We decided NOT to discuss, in the > spec, the use of multiple signatures. > > As with all things in this group, nothing is final ;-^. > > Regards, > > David Fischer > Drummond Group. > > -----Original Message----- > From: Doug Bunting [mailto:dougb62@yahoo.com] > Sent: Tuesday, October 23, 2001 5:17 PM > To: ebXML Msg > Subject: Re: [ebxml-msg] ds:Signature Algorithm > > > David, > > Are we really deciding to exclude ALL signature elements? I can see some > very good use cases (validating someone else's signature for example) for > signing a previous signature. > > Separately, when was that decision made? > > thanx, > doug > > ----- Original Message ----- > From: "David Fischer" <david@drummondgroup.com> > To: "Christopher Ferris (E-mail)" <chris.ferris@east.sun.com> > Cc: "ebXML Msg" <ebxml-msg@lists.oasis-open.org> > Sent: Tuesday, 23 October 2001 15:04 > Subject: [ebxml-msg] ds:Signature Algorithm > > > Chris, > > Since we are deciding to exclude ALL signature elements, shouldn't we get > rid of the > http://www.w3.org/2000/09/xmldsig#enveloped-signature algorithm and just > use: > > <XPath> not(ancestor-or-self::ds:Signature) </XPath> > > which would exclude ALL ds:Signature elements? Or better yet: > > <XPath> not(ancestor-or-self::ds:Signature | > ancestor-or-self::*[@soap:actor="http://oasis-open.org/committees/ > ebxml-msg/nextMSH"] | > ancestor-or-self::*[@soap:actor="http://schemas.xmlsoap.org/soap > /actor/next" ] ) > </XPath> > > Regards, > > David Fischer > Drummond Group. > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> > ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC