[OpenID] Signing method for XRD
Hans Granqvist
hans at granqvist.com
Wed Jun 10 18:59:05 UTC 2009
> Once you digitally sign a document, though physically the document remains
> in tact and retains its content type, after the act of signing, it is really
> a frozen bunch of bits. And if you dont make that distinction you get into
> all sorts of tangles. And that was the mistake made by XMLDSig. In other
> words after signing the Content-Type should be binary, whatever you want to
> call it. After verification it takes up its original Content-Type.
In XML these two are equivalent:
<a foo="1" bar="2"/>
<a bar="2" foo="1" />
A signing process needs to understand this, and that is what XML Dsig does.
XML was not defined to be a wire format.
Hans
More information about the general
mailing list