Enveloped signatures and XPath from Petteri Stenius on 2000-03-22 (w3c-ietf-xmldsig@w3.org from January to March 2000)

From: Petteri Stenius <Petteri.Stenius@remtec.fi>
Date: Wed, 22 Mar 2000 19:39:19 +0200
To: "IETF/W3C XML-DSig WG (E-mail)" <w3c-ietf-xmldsig@w3.org>
Message-ID: <CD0FF8F92CA8D311B9AB00105A14D55724AE@server.remtec.fi>

Hello,

A question regarding requirements of the XML Signatures spec, specifically
enveloped signatures and XPath requirement.


The spec reads (chapter 10):

"Signature, Enveloped 

The signature is over the XML content that contains the signature as an
element. The content provides the root XML document element. Obviously,
enveloped signatures must take care not to include their own value in the
calculation of the SignatureValue."


The interop requirements doc reads:

"Feature: Enveloped Signature MUST   
	requires: XPath selector that drops SignatureValue"


I remember there was some talk about this at the FTF meeting in San Jose. It
was discussed that it could be possible to detect this particular XPath
expression without implementing the entire XPath support.

Has anyone worked out a (standard?) XPath expression for excluding the
Signature or SignatureValue element?


Petteri


--
Petteri Stenius                            Petteri.Stenius@remtec.fi
Remtec Systems, Ltd.                           Office +358-9-5259240
                                                 Fax +358-9-52592411
http://www.remtec.fi/                         Mobile +358-50-5506161

Received on Wednesday, 22 March 2000 12:39:04 UTC