On Monday 24 September 2001 06:32, Amir Herzberg wrote: > No, simply for the reference you've put in the manifest to be valid, > e.g.: > <Reference URI="foo.xml#b"> > > Without putting the `id="b"` in the EncryptedData I think this reference > won't identify this element. But you aren't signing the encrypted data, but it's decrypted form. So having it have the same ID might be nice, but I don't think it's required (from a philosophical point of view.) It might help you stage your processing, but those things will have to be decrypted first anyway, but the Decryption Transform. For this I still think that we > must either use DigestValue in the EncryptedData, and a transform to > sign only the DigestValue, or a transform to remove the entire > EncryptedData and sign it only via Manifest as you suggested. Ok, I'll put the question to the list.Received on Wednesday, 26 September 2001 19:25:44 UTC
This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:02 UTC