You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de> on 2002/11/29 11:22:51 UTC

Re: Réf. : Re: Process XML Signature

--On Freitag, 29. November 2002 10:56 +0100 pascal.recchia@devoteam.com 
wrote:

> Ma question is : Is the process signature : XML Elements (canocalization)
> canocalizated XML Elements (DigestAlgorithm) Digest (encryption)
> Signature value ?

It depends ;-)) You have usually a URI. Based on the URI, you de-reference 
contents, either an octet stream or an XPath node set. Then you maybe have 
transforms. Based on what exists and what these Transforms require and 
produce, parsing or c14n steps are done on demand. At the end, the 
resulting octets are digested. This is Reference generation/validation.

In Signature validation, the SignedInfo is bound to the signature value.

Christian