[xmlsec] Emailing: EdTestFormNoMSO.zip
ed.shallow at rogers.com
Wed Sep 24 08:29:28 PDT 2003
Yes, there is no burning reason to carry different element names for each
signature. I thought I'd need distinct names for countersignature support,
but I don't believe I do. Even in that scenario, the counter-signature
should arguably be over all existing signatures, etc ...
From: Aleksey Sanin [mailto:aleksey at aleksey.com]
Sent: September 24, 2003 10:07 AM
To: Edward Shallow
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] Emailing: EdTestFormNoMSO.zip
>1) In the Pre-Digest buffer (see below) I will get extra white space
>and/or CRLFs for every "subtract" I add in the transform chain. Do I
>need to do another Canonicalization after the set of filters ? Can this
>be expressed as a transform ?
It's OK. You just need to remember that XML includes not only element but
also text nodes.
For example if you have following XML
then you have 3 element nodes and 3 text nodes. If you remove, say,
<Signature1/>, the text nodes around it stay. Thus you would have
If you want to remove this text node "\n " then you need to specify it
in the XPath expression but
actually there is no reason to do this.
>2) Is there any way to do a "wildcard" type thing with the "subtract"
>so I might use only a single filter instead of one for every
>//SignatureN ? Like a sort of //Signature(*) or something ?
It's an XPath expression and //dsig:Signature should do it
More information about the xmlsec