Signing of XML documents needs care, since any change in the document like
introduction of white space, change of case tend to change the signature.
The following two points to be kept in mind when going for signing the document:
1. Content Presentation techniques may introduce changes
2. Transformation may alter the content
XML relies on transformations and substitutions during the processing of XML
documents. For example, if an XML document includes an embedded style sheet or
references to an external style sheet, the transformed document should be represented to
the user rather than the document without the style sheet. In this case, the signer should be
careful to sign not only the original XML but also the other information that may affect the
presentation.
documents. For example, if an XML document includes an embedded style sheet or
references to an external style sheet, the transformed document should be represented to
the user rather than the document without the style sheet. In this case, the signer should be
careful to sign not only the original XML but also the other information that may affect the
presentation.
While due consideration is not been given for handling the original and transformed
document, it will return a different result than intended. As in any security infrastructure,
the security of an overall system will depend on the security and integrity of procedures
and personnel as well as procedural enforcement.
All the points are very important and should be considered while signing XML documents. I am bookmarking this article and will share these points with my friends too. Thanks for posting.
ReplyDeletedigital certificate