[xmlsec] Modifications to example 2

Devin Heitmueller dheitmueller at netilla.com
Fri Aug 30 11:52:45 PDT 2002


I have made a couple of modifications to example 2.  Here's my thinking:

Based on what I read in the document on example 2, it was supposed to be
like example 1, except it was supposed to build the signature section
dynamically.  However, it also changed the transform algorithm from
enveloped to C14N inclusive.  It also introduced the Reference Id.  I
think while these concepts are worthwhile, perhaps they don't belong in
the second example.

For simplicity's sake, I changed the transform back to enveloped and
removed the signature Id and URI.  This should make it easier for people
to understand the example when comparing it's functionality to Example
1.  It also eliminates the need for the doctype, which is something you
may not want to introduce so early in the example set.

I think the original Example 2 is still quite helpful, as it does
introduce concepts not demonstrated in example 1.  I just think that in
this case, it would be better to focus on the intended differences
between example 1 and example 2 (to demonstrate the dynamic addition of
the signature).  Logically, I think the new example should be 'example
2', and the other examples should be pushed up by one (example 2 becomes
3, 3 becomes 4).

Attached is the patch.  Hopefully it will be of help.

Thanks,

-- 
Devin Heitmueller
Senior Software Engineer
Netilla Networks Inc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff-dsig2.gz
Type: application/x-gzip
Size: 544 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20020830/1e01ac41/diff-dsig2.bin


More information about the xmlsec mailing list