Paul Hoffman wrote:
Does this requirement restrict our ability to use exclusive c14n on
individually signed entries within a feed document?
No and no. My new proposed wording is:
Atom Processors that verify signed Atom Documents MUST
be able to canonicalize with Canonical XML.
That requires that a recipient, at a minimum, be able to handle
messages that are canonicalized with Canonical XML. It does not limit
the kinds of canonicalization that the sender can choose: it only says
that the sender can only assume the recipient can do Canonical XML
unless they have other out-of-band knowledge.
--Paul Hoffman, Director
--Internet Mail Consortium
Excellent. The new wording is definitely better.
Another thing to throw out here: with this extended coverage on dsig,
also adding a bit of information on how to handle signed entry envelopes
would pretty much eliminate the need for me to produce a separate doc.
There are basically only two remaining requirements: a. use of ex-c14n
when signing individual entries within a feed and b. recommended
inclusion of a source element in signed entries. What are your thoughts
on including these in the changes? Is that possible / desirable at this
point?
- James
