Mikolaj, That's no problem, I won't trust anyone anymore ;). I understand that you are working on the problem and I won't bother you with questions about when this is fixed. But what is important to me is that coming releases will work on 1.3 JRE, but looking at the state of HEAD of the CVS repository I fear ... Can you tell me what your strategy is going to be regarding this issue.
Joris -----Oorspronkelijk bericht----- Van: Mikolaj Habryn [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 1 oktober 2004 11:01 Aan: [EMAIL PROTECTED] Onderwerp: Re: Fix for vanishing attribute namespace prefixes On Fri, 2004-10-01 at 18:35, Wijlens, Joris (J.) wrote: > But when I try to verify message1 it fails. I think because I think > the appearing xmlns="" 's in message2 are taken into account when > signing the message (?? and message1 doesn't have them). Am I doing > something wrong here? You definitely are; the clear blunder that you're guilty of is trusting the email that I sent. I thought that I had tested that this technique worked at the time that I wrote the email, but you're quite right, transferring the signature back to the original document, contrary to my words, doesn't in fact work. At all. I was hoping I'd get some time to work out why and send through some fixes before anybody actually noticed ;) Eyeballing the content doesn't seem to adequately explain why it doesn't work; in theory, you take document A, serialize and re-parse it, leaving you with document A (again), you then insert a signature into it. Inserting a signature should be a matter of c14n'ing document A, which should *still* leave you with document A, and then inserting an element somewhere. Given that all of those steps should happen the same way when validating a signature, one would think that one should be able to take the signature element out and insert it into any of the previous versions of document A, and, as long as it's always in the same place in the document, it should still validate. Clearly, it doesn't, meaning that one or more of those transformations is non-isomorphic. I'm looking at the c14n bit here, since I don't think it has any business munging the original document anyway, although it should theoretically still work even if it does. Sorry for misleading you! m.
