
verification anomaly

From: Martin Labarthe Dubois <dubois@consist.com.ar>
Date: Thu, 9 Jun 2005 14:11:28 -0300
Message-ID: <00a301c56d16$463df1e0$3c0201c0@consist.com.ar>
To: <w3c-ietf-xmldsig@w3.org>
Hello,

Must the c14n transformation be applied by default to the referenced areas?


--------------------------------------------------------------------------------


I have signed the same document twice; one of the documents is verified as valid with the IBM XML security suite and the other is invalid according to the same suite.

But if you look at the document reference

<Reference URI="#T33F4">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>kh+fjTciEttBSDaWYFeVw97kGRg=</DigestValue>
</Reference>

you can see that no transformation is applied, in particular not c14n.

And the difference between the two documents is that in the valid one the referenced area is c14n-transformed, and in the invalid
document no transformation is applied to the referenced area before calculating the referenced area digest.

The only change that the transformation makes in this case is to eliminate one whitespace where it says:

<Documento  ID="T33F4"> (there are two whitespaces between Documento and ID); after applying c14n, one is removed.

The question is: shouldn't it be the opposite? If no transformation is mentioned in the reference area, why apply c14n?
Or must c14n be applied by default?
Thanks in advance,
Martin
Received on Thursday, 9 June 2005 17:10:57 UTC
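
The comparison described in the message, as an added example that is not part of the original post: it computes the SHA-1 DigestValue of a referenced element over its bytes as written and over its canonical form, and reports which of the two a given digest matches. The element content is constructed, and Python's xml.etree.ElementTree.canonicalize (C14N 2.0) stands in for Canonical XML 1.0; for this input both collapse the doubled space in the start tag the same way.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample: the referenced element as serialized in the file, with
# two spaces between the element name and ID. The child element is invented.
RAW = b'<Documento  ID="T33F4"><Monto>100</Monto></Documento>'


def digest_b64(octets: bytes) -> str:
    """SHA-1 digest, base64-encoded as it appears in <DigestValue>."""
    return base64.b64encode(hashlib.sha1(octets).digest()).decode("ascii")


def canonical_octets(raw: bytes) -> bytes:
    """Canonical form of the element (C14N 2.0 here, standing in for 1.0)."""
    return ET.canonicalize(raw.decode("utf-8")).encode("utf-8")


def diagnose(raw: bytes, digest_value: str) -> str:
    """Report which octets a signer hashed to produce digest_value."""
    if digest_value == digest_b64(canonical_octets(raw)):
        return "canonical"
    if digest_value == digest_b64(raw):
        return "raw"
    return "no-match"


if __name__ == "__main__":
    canon = canonical_octets(RAW)
    print("raw      :", RAW.decode(), digest_b64(RAW))
    print("canonical:", canon.decode(), digest_b64(canon))
    # A signer that hashed the file bytes directly is reported as "raw".
    print("digest over file bytes ->", diagnose(RAW, digest_b64(RAW)))
```

Running diagnose against the DigestValue of each of the two signed documents shows which one was digested over canonical octets and which over the bytes as written.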
