W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

Re: Re: XPath Expression

From: merlin <merlin@baltimore.ie>
Date: Thu, 02 Aug 2001 15:18:11 +0100
To: edsimon@xmlsec.com
Cc: reagle@w3.org, bdournaee@rsasecurity.com, w3c-ietf-xmldsig@w3.org
Message-Id: <20010802141811.5B04B43D32@yog-sothoth.ie.baltimore.com>

I'd guess that something like not ((name() = "URI") and parent::dsig:Reference)
might work.

merlin

r/edsimon@xmlsec.com/2001.08.02/09:37:38
>>>This would allow me to change the URI without altering the validity of
>the
>>>signature.
>>
>>If it's being used in the Canonical XML context, remove the '//@*' from:
>>         (//. | //@* | //namespace::*)
>
>
>Correct me if I'm wrong but wouldn't the above remove ALL attributes, not
>just the one Blake wants removed.
>
>I'm not sure that there is an XPath solution but the solution in XSLT would
>look like this:
>
>
><?xml version="1.0" encoding="UTF-8"?>
><xsl:stylesheet version="1.0" 
>  xmlns:xsl ="http://www.w3.org/1999/XSL/Transform"
>  xmlns:xmlsig="http://www.w3.org/2000/09/xmldsig#">
>
><!-- Identity transform -->
><xsl:template match="@*|node()">
>  <xsl:copy>
>    <xsl:apply-templates select="@*|node()"/>
>  </xsl:copy>
></xsl:template>
>
>
><!-- Skip the Reference/@URI attribute -->
><xsl:template match="xmlsig:Reference/@URI" priority="2"/>
>
>
></xsl:stylesheet>
>
>
>--------------------------------------------------
>Ed Simon
>XMLsec Inc. - XML Security Training and Consulting
>
>


-----------------------------------------------------------------------------
Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

In addition, certain Marketing collateral may be added from time to time to
promote Baltimore Technologies products, services, Global e-Security or
appearance at trade shows and conferences.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
   http://www.baltimore.com
Received on Thursday, 2 August 2001 10:18:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC