Michael McIntosh wrote:
Francisco Sepulveda <[EMAIL PROTECTED]> wrote on 01/08/2008 02:55:46
PM:
Michael, if i understand right the http://www.remote-server.com/file.doc
by definition (w3c) is a detached signature because it point to a
"thing" located external to the signature itself
"Enveloped or enveloping signatures are over data within the same XML
document as the signature; detached: signatures are over data external to
the signature element."
The problem is that you do not know whether file.doc is the XML document
containing the Signature. Essentially:
<Reference URI="http://www.remote-server.com/file.doc";>
might be equivalent to:
<Reference URI="">
In that case, there should also be an explicit XPath Transform that
removes the Signature element from the document before it is
canonicalized and digested. I don't think you can use the Enveloped
Transform because (I think) it requires the input to be a node-set of
the Signature's document.
--Sean
