Best way to include parts of the security header in a signature/encryption?

[Christof Soehngen <Ch...@SYRACOM.DE>]

Hello everybody!
 
I have the following security handler in mind:
 
- Take input SOAP message
- Add Security header
- Add Nonce
- Add UserInformation (more than a token, but nothing special, only a collection of string-elements)
- Sign Body, Nonce and Userinformation
- Encrypt Body, Nonce, UserInformation and Signature
 
Problem is the signature/encryption point: One possibility would be to include 3 or 4 references, but this is terribly slow (as far as i've seen, maybe this has to to with a bug I mentioned in my last post).
 
The other alternative would be a transformation, that filters all other elements.
Has anyone experiences how complex implementing such a transformation is?
Or are there any better ways to reach the goal?
 
Thanks,
Christof
###########################################

This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
For more information, connect to http://www.F-Secure.com/