Re: Clarification on 4.3.3.2 and 4.3.3.3

Hi merlin,

Thank you for your clarification.

merlin said:
> Indeed,see section 3.1.2 of the processing rules (signature
> generation):
> 
> " Note, if the Signature includes same-document references, [XML] or
>   [XML-schema] validation of the document might introduce changes that
>   break the signature. Consequently, applications should be careful
>   to consistently process the document or refrain from using external
>   contributions (e.g., defaults and entities). "
> 
> [ http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html ]
> 
> This clearly states that parsing of the signature document
> itself is application-specific, and may be validating or well
> formed.

I skipped over the note you cited.

----
    Takuya Mori
    moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp
    Internet Solution Platform Development Div.,
    NEC Solutions, Tokyo Japan

Received on Thursday, 11 October 2001 06:00:24 UTC