[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Signature Transforms
Hi Ralph,
Remember in Vienna when we went back and forth on whether it is necessary to
create a transform to exclude the Signature element? I'm still not sure. . .
http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/
<Reference URI="">
<Transforms>
<Transform
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath xmlns:dsig="&dsig;">
not(ancestor-or-self::dsig:Signature)
</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>. . .</DigestValue>
</Reference>
This seems to have a Transform excluding the Signature element. However, in our
example on page 54 we have:
<ds:Reference URI="">
<Transforms>
<Transform
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
not(ancestor-or-self::eb:TraceHeaderList or
ancestor-or-self::eb:Via)
</XPath>
</Transform>
</Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<ds:DigestValue>...</ds:DigestValue>
</ds:Reference>
We don't exclude the Signature in the Transform. In Vienna, we decided that
this happened automatically, can you confirm?
Regards,
David Fischer
Drummond Group.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC