[xmlsec] Xml Signature verification failure

Aleksey Sanin aleksey at aleksey.com
Tue Jun 17 08:48:24 PDT 2003


Sorry, I did read your question before I got first cup of coffein drink
this morning :) Please ignore the part about FAQ and attribute ID
(in your case, the <Object> element is inside <Signature> element
and it has an "implicit" DTD from xmlsec library itself).

Now back to your question. We have something like this:
    <Root xmlns="http://examples.com">
        <Object>Test</Object>
    </Root>
According to the spec [1] , the non-default namespace node is
rendered only if it is in the XPath node-set. In our case,
the XPath expression selects *only* <Object/> node itself
and none of its namespaces or attributes nodes. Thus I think
that xmlsec/libxml do the right thing by returning
    <Object></Object>
after c14n.  But as usual with XPath/C14N questions you might
want to get a second opinion on this.


Aleksey


[1] http://www.w3.org/TR/2001/REC-xml-c14n-20010315#ProcessingModel





More information about the xmlsec mailing list