- From: merlin <merlin@baltimore.ie>
- Date: Thu, 02 Aug 2001 15:18:11 +0100
- To: edsimon@xmlsec.com
- Cc: reagle@w3.org, bdournaee@rsasecurity.com, w3c-ietf-xmldsig@w3.org
I'd guess that something like not ((name() = "URI") and parent::dsig:Reference) might work. merlin r/edsimon@xmlsec.com/2001.08.02/09:37:38 >>>This would allow me to change the URI without altering the validity of >the >>>signature. >> >>If it's being used in the Canonical XML context, remove the '//@*' from: >> (//. | //@* | //namespace::*) > > >Correct me if I'm wrong but wouldn't the above remove ALL attributes, not >just the one Blake wants removed. > >I'm not sure that there is an XPath solution but the solution in XSLT would >look like this: > > ><?xml version="1.0" encoding="UTF-8"?> ><xsl:stylesheet version="1.0" > xmlns:xsl ="http://www.w3.org/1999/XSL/Transform" > xmlns:xmlsig="http://www.w3.org/2000/09/xmldsig#"> > ><!-- Identity transform --> ><xsl:template match="@*|node()"> > <xsl:copy> > <xsl:apply-templates select="@*|node()"/> > </xsl:copy> ></xsl:template> > > ><!-- Skip the Reference/@URI attribute --> ><xsl:template match="xmlsig:Reference/@URI" priority="2"/> > > ></xsl:stylesheet> > > >-------------------------------------------------- >Ed Simon >XMLsec Inc. - XML Security Training and Consulting > > ----------------------------------------------------------------------------- Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses. http://www.baltimore.com
Received on Thursday, 2 August 2001 10:18:59 UTC