At 14:56 04/02/01 -0800, Jim Schaad wrote:
I would think very carefully before I looked at adopting the XML signature
specification for signing messages, especially if you are looking at only
doing partial signing of documents.
One of the biggest issues that has evolved over the development of this
specification is the concept of canonicalization. The problem with this is
that many XML parsers play games with whitespace (lose it, gain it, combine
it, ignore it) and an system where nodes read and write back out XML on the
way to deliver things can cause many problems of keeping data unchanged.
XML defines exactly what an XML processor (parser) can do and what not.
It's somewhat complicated at first sight, but there are no choices.
Of course, the application on top of the parser may do whatever it chooses,
but that's a different issue. For details, please see
If different parsers actually give you different whitespace for
the same document, at least one of them is non-conformant.