W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2002

Re: Enveloped Signature Transform

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Fri, 01 Feb 2002 14:49:41 +0100
To: Pavel Zavora <zavora@systinet.com>, w3c-ietf-xmldsig@w3.org
Message-id: <3257667029.1012574981@crypto>
--On Freitag, 1. Februar 2002 04:51 -0500 Pavel Zavora 
<zavora@systinet.com> wrote:

> I have to solve the following problem with the Enveloped Signature
> Transform.
> According to the definition of the here() function and XPATH predicate
> defined in
> http://www.w3.org/Signature/Drafts/xmldsig-core/#sec-EnvelopedSignature
> subchapter, it is clear that enveloped signature signs/verifies "all" but
> not self.  Is it also possible to sign/verify the same XML document by
> using more than one enveloped signatures?
> Example:
> <test:a ...>
>   ...
>   <ds:Signature ... >...</ds:Signature> <!-- first signature refers to
> test:a -->    <ds:Signature ... >...</ds:Signature> <!-- second signature
> refers also to test:a -->  </test:a>
> Both of these signatures contain enveloped transform and refer to the
> same "test:a" element.  According to the specification the first
> signature should sign the second one and the second one should sign the
> first.  The same problem arise during verification phase. Is there any
> reccomendation for this case?

When you add sig1 to the document, you sign the document (which does 
include sig1 and the data) and exclude sig1. Then you add sig2 which signs 
the document (data + sig1 + sig2) and then exclude sig2;

Verification of sig2 will work ok, but verification of sig1 fails: You 
verify the document (data + sig1 + sig2) and exclude sig1. So you verify 
(data + sig2) which was not signed (only data was signed).

Solution: Use an XPath which omits all Signature, not only the current one.

Received on Friday, 1 February 2002 08:48:18 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:37 UTC