Looks like merlin-xmldsig-sixteen has been deprecrated....and we are
WAY behind the times, we need to update to latest interop tests

- 
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/att-0016/01-merlin-xmldsig-twenty-three.tar.gz
- 
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2003JulSep/att-0018/phaos-xmldsig-three.zip

details are at: http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html

thanks,
dims 

On Sun, 09 May 2004 21:12:51 +0200, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> 
> Hi,
> 
>     My patch don't handle well this test case. It seems that it take on
> account that the signed info is going to be c14n, reparsed & reimported.
> But this is not alway the case. The SignedInfo is not c14n and
> reimported if the c14n method is "safe". As stated in the second
> paragraph of this mail
> http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html.
> And also in the REC
> http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod-NOTE, it
> saids clearly that the above behavior is not always but only for
> arbitrary c14n methods.
> 
>    What do you think is the good behavior? For me it is weird to have a
> test case that relays in this kind of unstandard behavior. And the parse
> and imports is a very wasteful process that need to be only done with
> insecure c14n. But if you think that the test is correct I can correct
> my patch and send it back again.
> 
> Regards
> 
>

Reply via email to