| CARVIEW |
Select Language
HTTP/2 200
date: Sat, 11 Oct 2025 02:28:44 GMT
content-type: text/html
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 18:08:56 GMT
cache-control: max-age=2592000, public
expires: Sun, 09 Nov 2025 21:30:21 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-request-id: 98c937ec2bcddbcc
strict-transport-security: max-age=15552015; preload
x-frame-options: deny
x-xss-protection: 1; mode=block
cf-cache-status: HIT
set-cookie: __cf_bm=zyNIgjFIzN9egHiEi1gF3AhiIKE1vFFSTpYQ_O8b0EM-1760149724-1.0.1.1-r1FRpYuDHKlNn.jvY1nNkFV5v_wG_a6Pdz5kUNEceif7M0Talvt6GwyWmpAlK7lQtXDx7PKEcA3w0xr_iJdjWYHNloFwNuiZimsxDEOMsGw; path=/; expires=Sat, 11-Oct-25 02:58:44 GMT; domain=.w3.org; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 98caed010e678cf1-BLR
alt-svc: h3=":443"; ma=86400
Original message from public-xmlsec-comment list, sibling issue from Frederick Hirsch on 2014-08-27 (public-xmlsec@w3.org from August 2014)
Original message from public-xmlsec-comment list, sibling issue
- From: Frederick Hirsch <w3c@fjhirsch.com>
- Date: Wed, 27 Aug 2014 09:17:33 -0400
- To: "public-xmlsec@w3.org List Public" <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <w3c@fjhirsch.com>
- Message-Id: <3CF4A496-987D-4DCC-91B8-D3CF389F0F66@fjhirsch.com>
Here is the original message sent to public-xmlsec-comment, for the record https://lists.w3.org/Archives/Public/public-xmlsec-comments/2014Jul/0000.html > From: helpcrypto helpcrypto <helpcrypto@gmail.com> > Date: Tue, 29 Jul 2014 09:30:01 +0200 > Message-ID: <CAHMQSgsoLcL4LsaAwVctu5WAuzc7ps_CsBOv8Hgi=V_pZ2tJrw@mail.gmail.com> > To: public-xmlsec-comments@w3.org Hi. Altough XMLDSig [1] is quite old, stable and well-known, I havent been able to understand (maybe a translation/missunderstanding issue) the detached signatures properly. According to [2]: "*The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs.*" Ok. Detached elements... "*This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements.*" Ok. Signature and object in the same XML doc and siblings. As stated in [3] (I't seems the standard doesnt distinguish between internal/external) "the signature and data can be in separate files or in the same XML file as sibling elements" Shall I understand the "internally detached" *unique valid signature* is where signature and data are brothers (or sisters) [have the same parent]? *Is the following example a valid detached signature? * *<root>* * <my-data>* * <node Id="n"></node>* * <my-data>* * <my-sign> * * <signature ref="n"></signature> </my-sign>* *</root>* Thanks a lot for your help Regards [1] https://www.w3.org/TR/xmldsig-core/ [2] https://www.w3.org/TR/xmldsig-core/#def-SignatureDetached [3] https://msdn.microsoft.com/en-us/library/ms759193%28v=vs.85%29.aspx regards, Frederick Frederick Hirsch, Nokia Chair DAP @fjhirsch
Received on Wednesday, 27 August 2014 13:18:05 UTC