[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: FW: Way forward on issues
Dear All, Our objective is top clear off all the issues as much as possible at Monday's conference call, and by the end of next week at the latest so that Stefan call produce a revised Core for completion in July. In order to meet this objective Stefan, Juan Carlos and I consider the following resolutions best respresent the current consensus on the outstanding issues. Nick (Note see also Comments document: http://www.oasis-open.org/apps/org/workgroup/dss/download.php/12641/oasis-ds s-1.0-comments-track-wd-02-dl-20050515.doc ) > - Enveloping signatures Core only supports transformations done at server end. Handling enveloping for other use cases may be defined in future profiles. > - Namespace inheritance The core supports use cases where either: a) all transformations required fopr signature, including canonicalization, are done at the client end, b) all transformations required for the signature are applied at the server end. Future profiles may define procedures for other use cases for some transformations done in the client and some in the server. > 2.1 XMLData encoding issue The core defines use of base64 for encoding binary documents, and use of either: Escaped XML or Base64 for XMLData Note: In the situation where the client applies transformations, including Canonicalization, to XML then it is recommended that Base64 is used, otherwise Escaped XML should be used. (JC - I thought of the use case that would make Base64 encoding of XML a good idea as above) > 2.2 Exclusive canonicalisation By default where server is not applying transforms other than "normal" canonicalization then after extracting the XML document from the DSS protocol envelope, without taking inherited namespaces and attributes, standard (c14n) canicalization is applied. In situations where the server is applying other transforms then the server shall apply the appropriate form of canonicalization and indicate the transforms applied, including canonicalization if necessary, in the DS:SignedInfo. > 2.3 Unique Particle attribution Use solution 1 in comments tracking document (This is in line with XMLDSig) > 2.4 Ambiguity in section 3.5.8 Provide text describing enveloping in line with decision above under enveloping > 2.5 XPath expression's comment Update as proposed by Konrad (see line 205 of comments document) > 2.9 Document vs. Signature Validation No change to the core. A simplified subset of the core may be defined in future profile(s).
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]