You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de> on 2002/11/29 11:22:51 UTC
Re: Réf. : Re: Process XML Signature
--On Freitag, 29. November 2002 10:56 +0100 pascal.recchia@devoteam.com
wrote:
> Ma question is : Is the process signature : XML Elements (canocalization)
> canocalizated XML Elements (DigestAlgorithm) Digest (encryption)
> Signature value ?
It depends ;-)) You have usually a URI. Based on the URI, you de-reference
contents, either an octet stream or an XPath node set. Then you maybe have
transforms. Based on what exists and what these Transforms require and
produce, parsing or c14n steps are done on demand. At the end, the
resulting octets are digested. This is Reference generation/validation.
In Signature validation, the SignedInfo is bound to the signature value.
Christian