[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[KEYPROV] W3C XML Dsig recommendation on defaults

To: "KEYPROV" <keyprov at ietf.org>
Subject: [KEYPROV] W3C XML Dsig recommendation on defaults
From: "Anders Rundgren" <anders.rundgren at telia.com>
Date: Tue, 22 Sep 2009 10:02:42 +0200
Delivered-to: keyprov at core3.amsl.com
List-archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-help: <mailto:keyprov-request@ietf.org?subject=help>
List-id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-post: <mailto:keyprov@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/

"If the Signature includes same-document references, [XML] or [XML-schema]
 validation of the document might introduce changes that break the signature.
 Consequently, applications should be careful to consistently process the document
 or refrain from using external contributions (e.g., defaults and entities)"

If WGLC has not passed I would drop defaults from the PSKC schema or
require "writers" to always create default-free output.

Anders

Prev by Date: Re: [KEYPROV] New version of PSKC
Next by Date: Re: [KEYPROV] New version of PSKC
Previous by thread: [KEYPROV] New version of PSKC
Next by thread: [KEYPROV] I-D ACTION:draft-ietf-keyprov-symmetrickeyformat-06.txt
Index(es):
- Date
- Thread