James M Snell wrote:
the ability to omit the author element from a contained if the
containing feed has an author...
Signed entries should include a source element and that source element
should contain any of the feed level elements that the entry depends on.
This is one of the reasons th
OK, so given the arguments I previously posted in my response to Dan +
the assertion that digitally signing individual entries will be
necessary, the only real possible solution would be to come up with a
canonicalization scheme for digitally signed Atom entries. When applied
to an entry, th
On Jun 20, 2005, at 11:17 PM, James M Snell wrote:
The thought here then is that feeds would not be considered atomic
units and that elements can be pulled as is out of a
containing element and passed around independently of it.
That's basically the idea, yes.
That really doesn't seem to
James M Snell wrote:
Question: should we only allow signing of the entire document or are there
valid use cases for allowing each individual entry in the feed to be
individually signed?
We definitely need to be able to sign each entry. This is necessary so
that we can passed signed content
Dan Sandler wrote:
On Jun 20, 2005, at 4:15 PM, James M Snell wrote:
Question: should we only allow signing of the entire document or are
there valid use cases for allowing each individual entry in the feed
to be individually signed?
I believe that individually signed entries are essentia
On Jun 20, 2005, at 4:15 PM, James M Snell wrote:
Question: should we only allow signing of the entire document or are
there valid use cases for allowing each individual entry in the feed
to be individually signed?
I believe that individually signed entries are essential for a couple
of Ato
OK, thanks to the feedback that has already been offered in this thread
I've been able to make progress on the XML Encryption side of this. Now
to the digital signature side. I'd like to get some opinions on the
following question:
The spec already allows enveloped XML signatures for the d
On Fri, Jun 17, 2005 at 12:02:43AM -0400, Bob Wyman wrote:
>BTW: I think the "best" way to implement the application you describe is
> probably via a combination of Push and Pull. If you're updating as rapidly
> as you say you are, then it would make sense to push the updates to the
> clie