Original message from public-xmlsec-comment list, sibling issue from Frederick Hirsch on 2014-08-27 (public-xmlsec@w3.org from August 2014)
Here is the original message sent to public-xmlsec-comment, for the record
http://lists.w3.org/Archives/Public/public-xmlsec-comments/2014Jul/0000.html
From: helpcrypto helpcrypto <helpcrypto@gmail.com>
Date: Tue, 29 Jul 2014 09:30:01 +0200
Message-ID: <CAHMQSgsoLcL4LsaAwVctu5WAuzc7ps_CsBOv8Hgi=V_pZ2tJrw@mail.gmail.com>
To: public-xmlsec-comments@w3.org
Hi.
Although XMLDSig [1] is quite old, stable and well-known, I haven't been able to understand (maybe a translation/misunderstanding issue) the detached signatures properly.
According to [2]: "The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs."
Ok. Detached elements...
"This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements."
Ok. Signature and object in the same XML doc and siblings.
As stated in [3] (It seems the standard doesn't distinguish between internal/external) "the signature and data can be in separate files or in the same XML file as sibling elements"
Shall I understand the "internally detached" unique valid signature is where signature and data are brothers (or sisters) [have the same parent]?
Is the following example a valid detached signature?
<node Id="n"></node>
<signature ref="n"></signature> </my-sign>
Thanks a lot for your help
Regards
[1] http://www.w3.org/TR/xmldsig-core/
[2] http://www.w3.org/TR/xmldsig-core/#def-SignatureDetached
[3] http://msdn.microsoft.com/en-us/library/ms759193%28v=vs.85%29.aspx
regards, Frederick
Frederick Hirsch, Nokia Chair DAP @fjhirsch
Received on Wednesday, 27 August 2014 13:18:05 UTC
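The structural cases quoted in the message (enveloped, enveloping, sibling, and same document but not siblings) can be told apart mechanically. The following is an added example, not part of the original message or of the XMLDSig specification: it reports where each same-document Reference target sits relative to the Signature and makes no statement about validity. It assumes real ds:Signature/ds:Reference markup rather than the simplified elements in the message, an ID attribute literally named "Id", and a constructed root element named doc.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"

def reference_relations(xml_text):
    """Map each SignedInfo/Reference URI of the first ds:Signature to its structural relation."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    sig = root if root.tag == DS + "Signature" else root.find(".//" + DS + "Signature")
    if sig is None:
        raise ValueError("no ds:Signature element found")

    def ancestors(el):
        chain = []
        while el in parent:
            el = parent[el]
            chain.append(el)
        return chain

    relations = {}
    for ref in sig.findall(DS + "SignedInfo/" + DS + "Reference"):
        uri = ref.get("URI")
        if uri is None:
            continue  # no URI attribute: the target is application-defined
        if uri and not uri.startswith("#"):
            relations[uri] = "external"
            continue
        # "" is the whole document; "#x" is the element whose Id is x
        # (assumption: the ID attribute is named "Id").
        target = root if uri == "" else next(
            (el for el in root.iter() if el.get("Id") == uri[1:]), None)
        if target is None:
            relations[uri] = "unresolved"
        elif target is sig or target in ancestors(sig):
            relations[uri] = "enveloped"
        elif sig in ancestors(target):
            relations[uri] = "enveloping"
        elif parent.get(target) is parent.get(sig):
            relations[uri] = "sibling"
        else:
            relations[uri] = "same-document, not siblings"
    return relations

# Constructed sample documents (not taken from the message).
NS = 'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"'
SIG = '<ds:Signature %s><ds:SignedInfo><ds:Reference URI="#n"/></ds:SignedInfo></ds:Signature>' % NS
SIBLINGS = '<doc><node Id="n"/>' + SIG + '</doc>'
WRAPPED = '<doc><node Id="n"/><my-sign>' + SIG + '</my-sign></doc>'
```

WRAPPED mirrors the shape asked about in the message, with the signature one level below a sibling of the signed node.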