[xmlsec] more then one signature in the document

Aleksey Sanin aleksey at aleksey.com
Thu Dec 5 09:44:10 PST 2002 

I am sorry but I am not sure I clear understand your problem completelly
but I think that you have a known "ID attribute w/o DTD" problem
(see section 3.2 of the FAQ http://www.aleksey.com/xmlsec/faq.html).
On the other hand, I am not sure why you could not use an empty URI
for the last reference:
    <Reference Id="my-reference "URI="">
and using an enveloped transform to exclude this signature itself. By 
doing this
the last signature will sign all the other documents and you'll be fine.


Aleksey.


david.varas at usach.cl wrote:

>Aleksey:
>
>I have a document with various signatures, in the end of the document have
>to including the signature of ALL the document, like this: 
>
><?xml version="1.0" encoding="UTF-8" ?> 
>
> <Document>
> <SetDOCID="SetDoc">
> <.....>
><Doc1>
> <DocumentoID="ID1">
>   <.......>
>  </Documento>
>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"Id="my-signature">
>  <SignedInfo>
>  <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
>/> 
>  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
>/> 
> <ReferenceId="my-reference"URI="#T33F000002">
> .........
>   </Signature>
>
>  </Doc1>
>  <Doc 2>
>  <DocumentoID="ID2">
>  <..........>
>  </Documento>
>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"Id="my-signature">
>  <.......>
>  <ReferenceId="my-reference"URI="#T33F000003">
>
>  </Signature>
>  </Doc2>
>
>  <Doc3>
>  <DocumentoID="D3">
>  <.........>
>  </Documento>
>
>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"Id="my-signature">
>  <SignedInfo>
>  <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
>/> 
>  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
>/> 
>  <ReferenceId="my-reference"URI="#T33F000004">
>  ......
>  </Signature>
>  </Doc3>
>
>
>
>  </SetDOC>
>
>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"Id="my-signature">
>  <SignedInfo>
>  <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
>/> 
>  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
>/> 
>  <ReferenceId="my-reference"URI="#SetDoc">
>  <......THIS IS THE FIRM OF  THE DOCUMENT>
>  </Signature>
>  </Document>
>
>basicly my "document" is a lot of documents signed. but to verify the document
>I get some problems with the references.
>
>for do this, the reference id "my reference" should be null, or diferent
>for each part of set DTE, it's posible make this with xmlsec or not.
>
>Thanks
>
>
>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>  
>

More information about the xmlsec mailing list