I have made a couple of modifications to example 2. Here's my thinking: Based on what I read in the document on example 2, it was supposed to be like example 1, except it was supposed to build the signature section dynamically. However, it also changed the transform algorithm from enveloped to C14N inclusive. It also introduced the Reference Id. I think while these concepts are worthwhile, perhaps they don't belong in the second example.
For simplicity's sake, I changed the transform back to enveloped and removed the signature Id and URI. This should make it easier for people to understand the example when comparing it's functionality to Example 1. It also eliminates the need for the doctype, which is something you may not want to introduce so early in the example set. I think the original Example 2 is still quite helpful, as it does introduce concepts not demonstrated in example 1. I just think that in this case, it would be better to focus on the intended differences between example 1 and example 2 (to demonstrate the dynamic addition of the signature). Logically, I think the new example should be 'example 2', and the other examples should be pushed up by one (example 2 becomes 3, 3 becomes 4). Attached is the patch. Hopefully it will be of help. Thanks, -- Devin Heitmueller Senior Software Engineer Netilla Networks Inc
diff-dsig2.gz
Description: GNU Zip compressed data
