> The only difference that I can see are the missing namespaces. That doesn't seem right unless our XML was already indented the same way as the transform would.
> No, the problem also occurs if I drop that line (and every other output > property). Or do you mean the whole transformer approach will not work? I have no idea. I certainly believe that's what's breaking it, that or your c14n afterwards, which isn't guaranteed to work either. You really have little freedom with the XML, almost anything you do could break the signature. > In any case, if I use a parser to read the file back in and apply a C14N > transform, the signature should be valid again? No. Once it's trashed, it's probably trashed. All you can do is meticulously compare node sets during signing and verifying, and see why they're different. Either that or have a really good grasp of c14n and actually eyeball it. -- Scott
