You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by bu...@apache.org on 2007/09/03 10:37:34 UTC

DO NOT REPLY [Bug 42599] - Integration of a full-featured XPointer resource resolver.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42599>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42599





------- Additional Comments From drunix@gmx.de  2007-09-03 01:37 -------
(In reply to comment #7)
> I've tried the xpointer resolver for generating signatures for the german
> banking interface EBICS which uses #xpointer(//*[@authenticate='true']) to sign
[...]

After rechecking the EBICS spec I think there is a difference in what their
reference declaration says what is to sign and what they actually want to sign
based on their informal description. They say that they want to sign everything
contained in elements with attribute authenticate set to true including the
elements itself, so I think they actually want to sign
"//*[@authenticate='true']/descendant-or-self::*". So probably
CanonicalizerBase.canonicalizeXPathNodeSet is right thing to not include child
nodes of selected nodes. 

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.