On 2/1/11 1:41 PM, Arthur Barstow wrote:
Hi Marcos,
On Jan/31/2011 2:18 PM, ext Marcos Caceres wrote:
On 1/31/11 7:52 PM, Arthur Barstow wrote:
Andrey - on January 26, Marcos proposed changing the c14n algorithm in
[1] and [2] and notified the group in [3] that he updated the Editor's
Draft [ED] to reflect his proposal. He included rationale in [1].
Marcos - in what way(s) does your proposal break the signer and
validator conformance classes as defined in the June 2010 CR [CR]?
It would remove all references and dependencies on XML
Canonicalization 1.1 in favor of XML Canonicalization 1.0. Explicit
<tranform> to Canonicalization 1.1 would no longer be needed (XML Dig
Sig just defaults to 1.0). Everything else stays the same.
If an "old" widget is signed according to [CR] i.e. uses the ExC14N
algorithm and a "new" validator is implemented according to the proposed
changes (now reflected in [ED), then what happens when this new
validator process this old widget? Based on what you and I just
discussed in IRC, I believe the validation will fail. Correct?
Correct.
It would be useful if we had at least a general idea regarding the
number of widgets "in the wild" that are signed using the ExC14N
algorithm. If anyone has relevant data, please send it to this mail list.
Absolutely!
--
Marcos Caceres
Opera Software
