[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: core spec problem: Resolving references on Verify
The Basic Processing Algorithm for Verifying XML Signatures has a problem. In 4.3.1, it says "For each <ds:Reference> in <ds:Signature>, the server finds the input document with matching RefURI and RefType values." However, there may be multiple such input documents, with different <ds:Transform>s from the client-side. Perhaps change the text to: """ For each <ds:Reference> in <ds:Signature>, the server looks for a matching input document. An input document matches a <ds:Reference> if all of the following conditions hold: - The input document's RefURI attribute equals the <ds:Reference>'s URI attribute, or both attributes are missing. - The input document's RefType attribute equals the <ds:Reference>'s Type attribute, or both attributes are missing. - The N transforms specified by the input document's <ds:Transforms> element are identical to the first N transforms in the <ds:Reference>'s <ds:Transforms> element, and the server is capable of applying the subsequent transforms in the <ds:Reference>. If the input document is missing a <ds:Transforms> element, set N = 0. """ Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]