ISSUE-162: Need to reconcile new 2.0 processing model/transform with legacy Object/Manifest material
- State: CLOSED
- Product: XML Signature 2.0
- Raised by: Scott Cantor
- Opened on: 2010-01-05
- Description: The old spec includes several features related to unusual wrapping and referencing of content to sign, and this material is inconsistent with the new text on selection.
Will reliable determination of Object element type and encoding be possible under 2.0 Transform?
In XML Signature 1.1 the following discussion is relevant:
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-Object
specifically, [[ Applications which require normative type and encoding information for signature validation should specify Transforms with well defined resulting types and/or encodings. ]]
The Signature 2.0 will only have one transform, so transforms will typically not be used to determine type and encoding for Object. Another means should be provided, or normative language updated appropriately.
- Related Action Items:
- ACTION-557 on Scott Cantor to Edit ISSUE-162 to reflect need to include object and manifest in 2.0 - due 2010-04-27, closed
- ACTION-544 on Pratik Datta to Review ISSUE-162, regarding Object/Manifests language and transforms - due 2010-06-15, closed
- Related emails:
- Agenda - Distributed Meeting 2010-07-06 (from Frederick.Hirsch@nokia.com on 2010-07-02)
- Agenda - Distributed Meeting 2010-06-29 (from Frederick.Hirsch@nokia.com on 2010-06-28)
- draft minutes 2010-05-25 (from tlr@w3.org on 2010-05-27)
- Agenda - Distributed Meeting 2010-04-27 (from frederick.hirsch@nokia.com on 2010-04-26)
- Draft minutes: XML Security WG 2010-04-20 (from tlr@w3.org on 2010-04-21)
- Updated minutes from 2010-03-09 (v2) (from frederick.hirsch@nokia.com on 2010-03-10)
- Minutes 2010-03-09 (from frederick.hirsch@nokia.com on 2010-03-09)
- Re: Agenda - Distributed Meeting 2010-03-09 (from tlr@w3.org on 2010-03-09)
- Agenda - Distributed Meeting 2010-03-09 (from frederick.hirsch@nokia.com on 2010-03-08)
- Draft minutes 2010-03-02 (from frederick.hirsch@nokia.com on 2010-03-02)
- Agenda - Distributed Meeting 2010-03-02 v2 (from frederick.hirsch@nokia.com on 2010-03-01)
- Updated draft minutes from 23 February, for review and approval (from frederick.hirsch@nokia.com on 2010-03-01)
- Agenda - Distributed Meeting 2010-03-02 (from frederick.hirsch@nokia.com on 2010-02-25)
- new ISSUE-162: signature 2.0, can Object type and encoding be determined reliably? (from frederick.hirsch@nokia.com on 2010-01-05)
Related notes:
Ed noted an explicit issue with the old text mentioning the ability to sign only the content of an Object element, which the new selection model can't do.
http://lists.w3.org/Archives/Public/public-xmlsec/2010Apr/0032.html (item 7)
New text in 2.0 document, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-Object :
Applications that require normative type and encoding information for signature validation should specify the Type and possibly SubType in the Selection element ("2.0 mode") or specify Transforms with well defined resulting types and/or encodings ("compatibility mode").