Hi David - Is the data you are signing going to be opaque, binary data? That is, are you going to be interpreting the data to be signed as XML, or are you considering it to be raw binary?
Will you be referring to the data to be signed via an external URI (e.g. http://www.some-location/mydata.bin). There is another type of detached signature (same-document detchaed) where the data to be signed is within the current XML document, but sibling to the <ds:Signature> element. Is this the type of detached signature that you are interested in? I suppose I'm trying to understand your impetus for using XML Signature if you are going to be signing binary data. Kind Regards, Blake Dournaee Senior Security Architect Sarvega, Inc. -----Original Message----- From: David Wall @ Yozons, Inc. [mailto:[EMAIL PROTECTED] Sent: Saturday, June 19, 2004 9:41 AM To: [EMAIL PROTECTED] Subject: ThreeSignerContract example -- detached signatures examples? In my application, the data being signed can be quite large (1MB and more), even though most may only be 100-250k range. The ThreeSignerContract sign/verify examples are quite interesting, but in my case, each of those parties will be in different locations, signing at different times, and we'd like our system to only transmit the new signature when it takes place and not the entire data wrapped in a signature. I'd like to be able to send the DETACHED ds:Signature elements only and thus update the other party's copies to include the new signature so that the next time they review their document, the system will show them the newly arrived digital signature. Is there a good example of creating a DETACHED signature in the distribution? Thanks, David
