> So... I am able to make this work be creating a new XMLSignature, > setting the data of the SignatureValue node of the new XMLSignature to > that of the original XMLSignature and then verifying the new > XMLSignature. This seems to work. I'm just curious if anybody thinks > that this is bad practice for some reason.
It's more like pointless practice, not bad practice. Whatever the problem is, it's probably a bug (or bugs) in your overall handling of the XML. Matter of fact, what you describe didn't even use to work well. There were lots of issues adding signature elements and immediately verifying them. You *had* to serialize and parse to use them. If the signature is breaking after, that wouldn't be unusual, but recreating the nodes with the same signature value would also fail in most cases because the DOM itself has been corrupted. So I think your bug is somewhere else, but no idea where. -- Scott
