[xmlsec] Signaute that does not sign a node
aleksey at aleksey.com
Mon Nov 30 08:41:46 PST 2020
I believe that technically inability to resolve a URI for a Reference
(e.g. ID in your case) should result in a failure for calculating digest
thus making the signature invalid.
On 11/25/20 7:31 PM, Timothy Legge wrote:
> I recently had a file that had three signatures but one of the
> References in the file did not point to anything in the XML file.
> What does one do with that? In my case I used the reference to look
> for a matching node with the ID set to the value of the reference.
> Since it was not in the file, I skipped processing that signature.
> I know it's a little off topic for this list but I imagine you have
> seen something similar before.
> xmlsec mailing list
> xmlsec at aleksey.com
More information about the xmlsec