IETF W3C   XML Signature WG

Chairs: Donald Eastlake and Joseph Reagle
Note Taker: Joseph Reagle [text]


(Sorry for the teleconference problems to that didn't join.)

Review of Outstanding Action Items

Clean up from IETF meeting: slides/minutes < 5 minutes

Signature Syntax & Processing draft questions:

Schemas &/or DTDs < 10 minutes.

Other questions/items from latest posted draft < 15 minutes

Securing Location/Transforms & Levels of indirection, Manifests, References, ... < 15 minutes

Reagle Summary:


The content that is digested (versus earlier intemediary contents that are processed/transformed).

Provoked email thread because

  1. Detected a lack of common understanding of core validation.
  2. Wanted further clarity on the assertions made is Signed Info (as distinguished from Manifest): Distinguish between:
    1. Does SignedInfo mean DigestValue are checked: yes! (If in a Manifest: no, one might take those as trusted assertions.)
    2. Does SignedInfo mean the URL must be dereferenced: no! Only means that the signature operates over the Digested Content.
    3. Does SignedInfo mean the Transforms must be applied? not necessarily. Transforms specifies a set of Content that when Transformed yields DigestedContent.

To rephrase: we are not signing a URL. We are signing the Digested Content, and in an odd sense, the class of documents that yield DigestedContent when transformed in as far as those parts that are kept.


Bartel: Since encoding seems to be different from the other Transforms, propose that we move encoding into Target (as part of the hint):

<ObjectReference URI="" Encoding="UTF-8">

Call seems happy with this.

[Notetakers Question: Can Encoding still appear in the transform, in both places?]

Reagle: say one has to dereference the URL, decode it, XPath it and C14Nize it., if I have a document on hand that has already been XPath'd but no C14Nized, can I just start it mid process?

Solo: Yes: Signer is only saying he signed the DigestContent. Everything else is a hint. If an application knows it does something, it can pick up the chain where it wants.

Bartel: Agrees: if an application applies some of the transforms, save an intermediary step, and completes the other steps later, that is fine

Reagle: The thing I'm not sure about is says there's a sequence of tricky transforms, could someone play a trick?

Reagle: Is there some sort of assertion by the signer such that "there is a class of documents related to this DigestConent via these transforms?"

Solo: No normative assertion, in the end the you are hashing/signing the DigestContent, and if you don't get the right DigestValue, the signature obviously doesn't work.

Eastlake: David might be too stringent, there is some sort of assertion about those other documents.

Boyer: In the users context, he's looking at the thing that is transformed, where certain parts may change or not, not necessarily the DigestContent min I'm focussing.

Reagle: I think we agree that we don't need to make major change in the syntax, we do need to better define the semantics of the assertions within an ObjectReference. Let's take this to the list, please propose a set of assertions that you think are made by ObjectReference.

Todd: in the legal context, sill concerned about the issue of what the user sees and what is signed (particularly) XSLT's. Call feels that the specification makes these distinctions fairly well. ACTION Todd: propose some text (a sentence or two) that he would like to add to spec, WG can then point out where it exists, or adopt.

Boyer: Orthogonal quick question before the call ends: If you use a IDREF, does it include the element within which the ID sets, or only the element's content. Call: IDREF probably returns the element. Boyer: in Richard Himes' scenario, he only wants the content (because that is what is fed into the Base64 decoder if an encoded document is embedded in XML).

Call: suspect if you want only the content, you will have to use a simple XPath like child::text().

[Note taker question: is the IDREF still listed in the ObjectReference, and then the further qualification is in the transform, or does the IDREF/URI="" and the complete Transform follows?]

Con calls versus Thanksgiving/Christmas < 5 minutes

Face to Face meeting arrangements? < 5 minutes