Another possible alternative approach would be to have signed entries
include a special container for metadata additions that is expressly not
covered by the Signature via a Transform. (the name "annotations" for
the tag is just a strawman for discussion purposes)
e.g.
<entry>
<annotations xmlns="...">
</annotations>
<Signature>
<!-- enveloped signature transform + transform that excludes any
child <annotation xmlns="..." elements />
</Signature>
</entry>
I'm still thinking through this.
- James
Antone Roundy wrote:
On Wednesday, June 29, 2005, at 01:47 PM, James M Snell wrote:
8. Aggregators and Intermediaries MUST NOT alter/augment the content
of digitally signed entry elements.
Just mulling over things...
Obviously, we don't have any way to annotate signed entries without
breaking the signature. I hesitate to introduce new complexity, so I
don't know whether I LIKE the idea I'm about to write about, but here
it is. If you want to annotate a signed entry, or even annotate an
unsigned one but keep your annotations separate, you might do
something like this:
<feed ... >
[feed metadata]
<ex:annotation entry-id="foo">
<ex:entry-signature>the entry's signature goes
here</ex:entry-signature>
[this annotation could be signed here]
<ex:some-annotation-element>...</ex:some-annotation-element>
...
</ex:annotation>
...
<entry>
<id>foo</id>
[entry's signature here if signed]
...
</entry>
</feed>
Notes:
1) <ex:entry-signature> is optional, but recommended if the entry is
signed and the annotation is signed.
2) Multiple annotations could point to the same entry
3) It could be requested that aggregators forward annotations along
with their entries...but of course, that's optional, and they could
certainly be dropped at the request of the end user if they only want
to see the originals.
4) It might be recommended or required that <ex:annotation> elements
appear before the entries they annotate (whether above all entries or
interspersed with them) to make life easier for processors that
finalize their processing of entries as soon as they hit </entry>
rather than doing it after they've parsed the whole document.
5) Aggregators COULD attach annotations from various sources when
outputting entries, even if those annotations never appeared together
within a feed before.
6) I don't see any way to choose between conflicting annotations.
