From: "Tobias Rademacher" <[EMAIL PROTECTED]>
> Hi Bill,
> > Actually, I think this misses the point. If you can express a subtree
> > in cononical form, then you can do a secure hash on it. This opens the
> > door to digital signatures.
> >
> > Basically what is needed is the ability to recreate the same secure
> > hash, by feeding the same connonical form to the hash algorithm.
> >
> > It is the secure hash which is the thing that is signed. So you need
> > to test if the document fragment has the same hash.
>
> Yes, that's one application of
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315.
> The problem I think is to provide the withespace C_a_nonicalization
(pretty
> word, good training if your are not orginal american or english...).
> If i overflow the document I guess it's necessary to provide either a
> Canonicalization
> DocumentFactory and CanonicalizationBuilder classes or a
CanonicalNormalizer
> to achive
> that the document is balance in the way that W3C described.
>
> This weekend I go into CanonicalComprator which means that I try to apply
> the spec in order to be able to compare two documents.
>
> It's James decision to decide if dom4j needs the Canonicalization feature
or
> not. If he agree with your request I (and you catch *g*) will try to
> implement that feature.
Hey I'd love to add full support for XML Signatures. One area I'm
increasingly using dom4j for is in the SOAP / web services arena for which
security and XML Signatures are important. So lets do whatever we need.
Maybe we need some kind of CanonicalTreeWalker thing (or CanonicalVisitor?).
Or just a CanonicalHasher that just makes the hash needed by the XML
Signature spec.
I haven't looked into XML Signatures much yet so I'll bow to both of your
knowledge on this one. Whatever you need lets do it and add it to dom4j in
as nice a way as possible.
James
_______________________________________________
dom4j-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/dom4j-user
