- From: Rasmussen Jesper Broe <Jesper.Broe.Rasmussen@icl.dk>
- Date: Wed, 15 Nov 2000 14:50:23 +0100
- To: "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org>
Hi My experience with XML is quite limited, and therefore I'm quite confused when it comes to the combination af Digital Signature and XML. Suppose I have the following Signature object : <Signature ID="Signature1"> <SignedInfo> <CanonicalizationMethod ...../> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference URI="http://server1/doc_1.txt"> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>hiy9yGYSiuhyYH8HHHh89Y89H8H=</DigestValue> </Reference> <Reference URI="http://server2/doc_2.txt">.....</Reference> <Reference URI="http://server3/doc_3.txt">.....</Reference> </SignedInfo> <SignatureValue>dfsubuas7r83n48Ujji8JnO8HJEmij-</SignatureValue> <KeyInfo>.....</KeyInfo> </Signature> Then what is actually being signed using the signaturemethod and my private key ? Is it the exact content between the <SignedInfo> tags as above ? or Is the contents of the three files doc_1.txt, doc_2.txt and doc_3.txt 'extracted' and included in the sha1 hash function of the SignatureMethod ? In other words, is the hash-part of SignatureMethod applied to the contents or to the reference and digest ? I hope my question make sense. Best regards Jesper Broe Rasmussen System Consultant ICL Invia Klamsagervej 19, 8230 Åbyhøj Tlf.: 44 89 44 89 Dir. tlf.: 44 89 42 37 Fax: 89 35 16 16 Web: www.icl.dk
Received on Wednesday, 15 November 2000 08:50:39 UTC