
Secure XML: The New Syntax for Signatures and Encryption by Kitty Niles, Donald E. Eastlake


10.6. Security of Signatures

Because the XMLDSIG standard provides a very flexible digital signature mechanism, there are lots of ways to misuse it and produce insecure or misleading results. When designing a system using XMLDSIG, you should consider the factors discussed in this section.

10.6.1. Transforms

The Transforms mechanism makes it easy to sign data derived from processing the content of an identified resource. For instance, an application might wish to sign a form, but permit users to enter limited field data without invalidating a previous signature on the form. The application could use an XPath-based Transform to exclude those portions that the user will change. Transforms can also include encoding changes, canonicalization instructions, ...
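An added example (not from the book): a simplified Python model of the form case above, showing which bytes end up under the digest when a transform excludes user-editable content, and which parts are therefore not covered by the signature. Removing elements by tag name stands in for the XPath-based Transform, `xml.etree.ElementTree.canonicalize` (C14N 2.0) stands in for the signature's canonicalization, and the form, its element names, and the choice of SHA-256 are assumptions.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample form; all element names are hypothetical.
FORM = """<form id="order">
  <terms>Payment due in 30 days</terms>
  <amount currency="USD">100.00</amount>
  <userField name="comment">none</userField>
</form>"""

EXCLUDED_TAG = "userField"  # assumption: what the XPath transform filters out


def split_form(xml_text, excluded_tag=EXCLUDED_TAG):
    """Return (signed_bytes, unsigned_fragments) for a form document."""
    root = ET.fromstring(xml_text)
    unsigned = []
    for parent in list(root.iter()):
        for child in list(parent):
            if child.tag == excluded_tag:
                child.tail = None
                unsigned.append(ET.tostring(child, encoding="unicode"))
                parent.remove(child)
    # Canonicalize what is left so formatting differences do not matter.
    canon = ET.canonicalize(ET.tostring(root, encoding="unicode"),
                            strip_text=True)
    return canon.encode("utf-8"), unsigned


def digest(xml_text):
    """Digest only the transformed (signed) view of the document."""
    signed_bytes, _ = split_form(xml_text)
    return hashlib.sha256(signed_bytes).hexdigest()


# A permitted edit inside the excluded field, and an edit to covered content.
USER_EDIT = FORM.replace(">none<", ">please ship fast<")
TAMPERED = FORM.replace("100.00", "1.00")

if __name__ == "__main__":
    print("original :", digest(FORM))
    print("user edit:", digest(USER_EDIT), "(unchanged)")
    print("tampered :", digest(TAMPERED), "(differs)")
    # Everything listed here is outside the signature; treat it as untrusted.
    print("unsigned :", split_form(USER_EDIT)[1])
```

A verifier built this way can show or log the signed view and the unsigned fragments separately, so that content outside the transform's output is never presented as signed.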
