W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2001

Re: New XML Signature implementation and Update for Inter-Op

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Mon, 15 Oct 2001 10:29:27 +0200
To: w3c-ietf-xmldsig@w3.org
Cc: merlin@baltimore.ie
Message-id: <2414387976.1003141767@pinkpanther>
Hi all,
hi Merlin,

I have to attach the sample, again. The former one did not verify cause I 
tried to re-create a very sophisticated Reference from Merlin, and my 
implementation is not able to create something like this.

Merlin, the Reference:

        <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
          <Transforms>
            <Transform 
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
              <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
                ancestor-or-self::dsig:SignedInfo
                  and
                count(ancestor-or-self::dsig:Reference |
                      here()/ancestor::dsig:Reference[1]) &gt;
                count(ancestor-or-self::dsig:Reference)
                  or
                count(ancestor-or-self::node() |
                      id('notaries')) =
                count(ancestor-or-self::node())
              </XPath>
            </Transform>
          </Transforms>
          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" 
/>
          <DigestValue>DkRNHKuQgDiTy9XAAMGbyydg3BI=</DigestValue>
        </Reference>

was really horrible. I could not generate something like this... Do you see 
a case where something like this is needed? I can verify it, but I can't 
create that from scratch, because the References are filled with 
DigestValues sequentially. Did you create that Reference at last and then 
insert it in the middle of your SignedInfo? Wow - geek stuff ;-))


Best regards,
Christian


Received on Monday, 15 October 2001 04:27:22 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:14 GMT