- From: merlin <merlin@baltimore.ie>
- Date: Wed, 16 May 2001 15:28:52 +0100
- To: "Rob Lugt" <roblugt@elcel.com>
- Cc: w3c-ietf-xmldsig@w3.org
Hi Rob, r/roblugt@elcel.com/2001.05.16/15:13:01 >One last try at a workable solution whilst adhering to the c14n >specification:- re-use the same namespace prefix from the SOAP header. > ><ns:Envelope xmlns:ns="http://schemas.xmlsoap.org/soap/envelope/"> > <ns:Body> > ... > <Contract xmlns="&foo;"> > <ns:Signature xmlns:ns="&dsig;">...</ns:Signature> > </Contract> > </ns:Body> ></ns:Envelope> > >I think the namespace prefix should ideally be a descriptive name which >makes this solution less than elegant. But perhaps it satisfies your >current requirement? I've actually solved it for myself by using a framework that can defer signing until the final document is complete. This is okay for my particular needs, but it won't work for someone who is using, for example, Apache's SOAP framework (which never builds a DOM tree, but instead manually marshals the SOAP envelope in text format*) or who has no control over the final embedding of their signature. My concern really revolves a bit more around interop and the dsig spec than this particular instance. Merlin * It does make the namespace available, but not through DOM. ----------------------------------------------------------------------------- Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses. http://www.baltimore.com
Received on Wednesday, 16 May 2001 10:32:36 UTC