[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [xml] Re: Attributes without knowing name
- From: Rich Salz <rsalz datapower com>
- To: "petrovic corp earthlink net" <petrovic corp earthlink net>
- Cc: "xml gnome org" <xml gnome org>
- Subject: Re: [xml] Re: Attributes without knowing name
- Date: Sat, 11 Jan 2003 13:24:25 -0500 (EST)
> When signing, the string that is signed must be identical to the one
> which is checked at some later time. The problem with this and XML
> is that attribute order isn't important, and libxml and Xerces orders
> them diffrently, so I need to sort them. The signer must be general,
> so it shouldn't need to know the names of the attributes in the
> given element.
If you are doing digital signatures of XML data, you should look at
the IETF/W3C standard for XML Digital signatures. The process of
ordering attributes like you describe is called canonicalization (c14n);
there are also IETF/W3C standard for XML c14n.
Even better: there is a free library C/C++ (xmlsec) built on top of
xmllib and openssl that implements XML DSIG; it also has XML C14N,
which was donated to xmllib.
You can find all the other URL's of interest here:
http://www.aleksey.com/xmlsec/
/r$
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]