- From: Richard Himes <rhimes@nmcourt.fed.us>
- Date: Thu, 19 Aug 1999 11:26:59 -0600
- To: w3c-ietf-xmldsig@w3.org
I posted this problem recently and didn't get a response, so I'm guessing it hasn't been addressed. Suppose that there are two (or more) signed elements in two (or more) different documents, that they are signed by local reference (href to #id), and that they are to be combined to form a new document, perhaps a legal document that has collected a history of signed events for a brief. Suppose further that it is inescapable that, in general, duplicate ids will result, which is not well formed XML (and confuses the signature algorithms.) These ids will have to be renumbered, which will break some of the signatures. I believe we should include a mapping element for each affected <Signature> element, which is outside the manifest (not signed), such as <IdMap>4=1 5=2 6=3</IdMap> Thus, if this signature signed elements with id='1', id='2', id='3' in the original document, and these ids had to be changed to 4, 5, and 6 respectively in the combined document, the map would allow the ids (of these pieces) to be converted back to their original state for authentication. AFAIK, the map would be unable to "lie" (breach security) and still obtain valid signatures for the referenced elements. Thanks, Rich
Received on Thursday, 19 August 1999 13:28:01 UTC