[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Signature Verification Output
> -----Original Message----- > From: Rich Salz [mailto:rsalz@datapower.com] > Sent: Wednesday, April 02, 2003 12:31 AM > To: Gregor Karlinger > Cc: 'Anthony Nadalin'; dss@lists.oasis-open.org > Subject: RE: [dss] Signature Verification Output > > > > I am not sure if you would be happy if I sent you an XML signature > > with a dsig:Reference containing a - possibly long and > complicated - > > chain of transforms; and your client application tells you: "Well, > > Gregor sent you a signed message; the signature seems to be valid. > > However I cannot tell you what the content of the message is about, > > since I have no means to process the transforms specified in the > > signature" ... > > If you can't process the transforms than you can't validate > the signature. Validation will be delegated to a DSS :-o > But that point aside, yes, I would be happy. I don't expect > CryptoAPI to be able to render HTML ... But CryptoAPI will provide you with the bytes actually signed, won't it? /Gregor > /r$ > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]