Dear Aleksey About transform, I want to check if my understanding is wrong. Under self-referencing signature, the result node set of Xpath should be canonicalized. The CanonicalizationMethod only decides how the SignedInfo canonicalized. If no c14n Transform specified, then xmlsec applies the default c14n, which is http://www.w3.org/TR/2001/REC-xml-c14n-20010315 The enveloped signature transform will remove the signature node in the content to sign, while nothing needs to be done in enveloping or detached signature.
And about multi-signature suggestion, is there any suggested rule to generate signatures? It seems that enveloped signature is not suitable for this kind of use.
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
