- From: Christian Geuer-Pollmann <Christian.Geuer-Pollmann@microsoft.com>
- Date: Mon, 24 Apr 2006 09:01:32 +0100
- To: "Anders Rundgren" <anders.rundgren@telia.com>, <w3c-ietf-xmldsig@w3.org>
Anders, Your right both times. (1) The CanonicalizationAlgorithm in the SignedInfo does not change the default c14n for a Transforms chain, so there is no "inheritance" or so. (2) When you want excl-c14n at the end of a transforms chain, you must explicitly mention that (as you did in your example). Best, Christian -----Original Message----- From: w3c-ietf-xmldsig-request@w3.org [mailto:w3c-ietf-xmldsig-request@w3.org] On Behalf Of Anders Rundgren Sent: Sonntag, 23. April 2006 20:31 To: w3c-ietf-xmldsig@w3.org Subject: Default Transform for same-doc references It *seems* that a Reference that references the same document does not "inherit" canonicalization from SignatureInfo but rather use http://www.w3.org/TR/2001/REC-xml-c14n-20010315 Have I got this correct? If I use exclusive canonicalization( http://www.w3.org/2001/10/xml-exc-c14n# ) in SignedInfo, I assume that it would be logical to use this also for a http://www.w3.org/2000/09/xmldsig#enveloped-signature But then I need TWO Transform elements! <Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </Transforms> Right? thanx Anders Rundgren
Received on Monday, 24 April 2006 10:15:05 UTC