Hi,

My patch don't handle well this test case. It seems that it take on account that the signed info is going to be c14n, reparsed & reimported. But this is not alway the case. The SignedInfo is not c14n and reimported if the c14n method is "safe". As stated in the second paragraph of this mail
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html. And also in the REC http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod-NOTE, it saids clearly that the above behavior is not always but only for arbitrary c14n methods.


What do you think is the good behavior? For me it is weird to have a test case that relays in this kind of unstandard behavior. And the parse and imports is a very wasteful process that need to be only done with insecure c14n. But if you think that the test is correct I can correct my patch and send it back again.

Regards

Reply via email to