- All IETF drafts now require a patent statement a the top of the draft. Such a statement
should be added to the document.
ACTION Reagle: Add link in W3C status to patent
statements now on Web site. We'll add the IETF disclosure to the IETF version when
generated.
- Example in section 2.0 should be a DSS example as this is the mandatory example. I
assume that at some point this will be come a verifiable example as well.
WG Agrees..
ACTION Solo: will change example, and we will hopefully have a verifiable example at some
point.
- Section 3.0 -- In the ATTLIST SignatureValue is misspelled.
ACTION Reagle Fix.
- Section 3.0 -- SignatureValue is no longer an empty-tag element.
ACTION Reagle Fix.
- Section 3.0 - Insert reference to Base64.
ACTION Reagle Fix.
- Based on input from mailing list -- please change c14nAlg as an element to fully spelled
out.
ACTION Reagle: move from c14n to canonicalization. In the XML canonicalization.
Text we can keep for the time being. Bartel would like Alg spelled out too. No agreement
-- but no opposition either really.
- Section 4.3.1 - I know that we were one of the people who wanted to make the location
optional. What we had in mind was the following statement: "If the location is
omitted, then the content being signed is the first Object in the immediate surrounding
Signature."
Solo's scenario is closer to what Don sent than the Fox/Schaad.
Clarify: if omitted assumed that the application knows what to do.
- Section 4.3.5 - This is no longer an empty-element tag.
ACTION Reagle: fix.
- Section 5.0 -- there are two DTD definitions for Object here.
ACTION Reagle: delete
second one.
- Section 6.0 -- The DTD appears incorrect. ANY can only occur once and not with any of
the current defined items. Should ANY be inside of the *?
Agreed. Don says one can
rewrite to do it right. ACTION Reagle: fix it. Solo: This section is presently
heavily underspecified. Add a comment that it requires significant additional work.
- Section 7.1 -- Please remove all references to MD5. We should not be pushing the older
potentially bad hash algorithms (after all MD2 is not here either). SHA1 will cover our
needs until the AES hash algorithm comes along
Agree: remove MD5.
Agree: remove AES from table, include sentence that we expect additional digest algorithms
can be used in the future.
ACTION Reagle: Fix the table.
Eastlake: suggests changing ECDSA to optional.
David will add ANSI reference if he can find it.
- Please remove references to AES algorithms. There will be a block cipher finalist next
year and there is no hash yet.
- Section 8.1
- Step 2 - "Calculate the digest over the result of the
transformations."
- Step 3 - formatting on objectreference is incorrect.
- Step 4 - space between SignedInfo/Element
- Step 5 - references step d
- Step f) - should be moved to step 6.
- Section 8.2
- Step 6 - references steps c and d.
- Remove last sentence of step 6 -- this would go to description of
canonicazation. ACTION Solo: clarify section 8.
- We assume that the editorial comments will be removed in the process of creating an IETF
I-D.
Action REAGLE: Move most comments to open issues section.
ACTION Boyer: will write up a proposal for 7.6 using "Recommended" term.