Re: XMLDSIG proposal: enveloped signatures, xpath and here()

Isn't the problem of relocatable signatures more to do with the
fact that the Signature element (and its children) rely on parent
namespace declarations, so it can not be moved to another document
with a different namespace hierarchy?

--Kevin

> 
> The problem of relocatable signatures is an interesting one,
> however it can be solved in two ways. One is for the signatures
> to use null references; the referenced data is implicitly the
> associated datum, known to the appication. Alternatively, use an 
> XPointer in the reference to identify the relevant data (I believe
> that is the correct technology) and then an XPath, if necessary,
> to select from it:
> 
>   <Reference URI='#xpointer(../../previous-sibling)'>
> 
> Technologically, all verifiers which support XPath transforms
> contain the necessary tools for XPointer resolution. So adding
> a need for this is a minimal burden.
> 
> Merlin
> 

Received on Monday, 24 July 2000 18:12:12 UTC