Assume a source document like this: <foo xml:id='x'> <bar> <subset> .... </subset> </bar> </foo> 1. Sign this with an XPath transform that picks the subset. Someone who can verify the signature must be using c14n 1.0; if the signature doesn't verify something's broken. 2. Modify the source document so that the xml:id now appears on the 'bar' element and verify the signature. We expect the same results as #1 and have the additional property that we can show how c14n 1.0 is insecure :) #3. Modify the source document so that the xml:id now appears on the subset element. The behavior of 1.0 is unchanged, the behavior of 1.1 depends on the XPath expression (whether subset's attributes are included or not) Hmm, now that I write it down this still seems interesting, but perhaps not as pragmatically useful as I first thought. /r$ -- STSM Senior Security Architect DataPower SOA AppliancesReceived on Thursday, 3 May 2007 18:14:34 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:59 GMT