[xmlsec] Xml Signature verification failure
Aleksey Sanin
aleksey at aleksey.com
Tue Jun 17 08:48:24 PDT 2003
Sorry, I did read your question before I got first cup of coffein drink
this morning :) Please ignore the part about FAQ and attribute ID
(in your case, the <Object> element is inside <Signature> element
and it has an "implicit" DTD from xmlsec library itself).
Now back to your question. We have something like this:
<Root xmlns="http://examples.com">
<Object>Test</Object>
</Root>
According to the spec [1] , the non-default namespace node is
rendered only if it is in the XPath node-set. In our case,
the XPath expression selects *only* <Object/> node itself
and none of its namespaces or attributes nodes. Thus I think
that xmlsec/libxml do the right thing by returning
<Object></Object>
after c14n. But as usual with XPath/C14N questions you might
want to get a second opinion on this.
Aleksey
[1] http://www.w3.org/TR/2001/REC-xml-c14n-20010315#ProcessingModel
More information about the xmlsec
mailing list