- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Mon, 01 Jul 2002 22:54:53 +0200
- To: "Simon St.Laurent" <simonstl@simonstl.com>
- cc: Elliotte Rusty Harold <elharo@metalab.unc.edu>, xml-dev@lists.xml.org, w3c-ietf-xmldsig@w3.org
Hi Simon, hi Elliotte, I've seen the summary on the XInclude discussion on [1] where you all talk about the fact/'problem' that Canonical XML does not resolve XIncludes. Just a comment on that it's not a problem for XML Signature [2]: XML Signature has the concept of transforms. If XInclude is important for you and you want to sign an 'expanded' document, simply specify an XInclude transform which does what you need (just a little bit out of context of the reference): <ds:Transforms> <ds:Transform Algorithm="http://simonstl.com/#myXIncludeTransform" /> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> </ds:Transforms> If you enforce by a Transform that XIncludes are resolved, canonical XML does canonicalize all the included stuff. Hope that helps, Christian [1] <http://weblogs.userland.com/eclectic/discuss/msgReader$369?mode=day> [2] <http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/>
Received on Monday, 1 July 2002 16:54:24 UTC