XML Signature: Does attribute order matter?

Discussion in 'XML' started by don.williams@loonatech.com, Aug 10, 2007.

  1. Guest

    Question: If you change the order of attributes within an element that
    is part of an XML signature, does that break the digital signature? I
    thought attribute order was irrelevant in XML.

    For example, suppose the original element when the XML Signature was
    created was:

    <MyElement a="123 b="456">

    and while traversing an intermediary the element gets changed to:

    <MyElement b="456" a="123>

    Will this break the digital signature?

    Thanks for any help on this.

    ...Don
     
    , Aug 10, 2007
    #1
    1. Advertising

  2. * wrote in comp.text.xml:
    >Question: If you change the order of attributes within an element that
    >is part of an XML signature, does that break the digital signature? I
    >thought attribute order was irrelevant in XML.


    That depends on the particular signature process. Generally speaking,
    the document will be put in some canonical form which puts attributes
    in a specific order, which would mean you can change the order without
    breaking the signature. This is not guranteed however, you have to
    check the signature process you are using to make sure.
    --
    Björn Höhrmann · mailto: · http://bjoern.hoehrmann.de
    Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
    68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
     
    Bjoern Hoehrmann, Aug 10, 2007
    #2
    1. Advertising

  3. .... or to put it another way: Yes, XML Signature itself cares about
    attribute order. Many of us think that was a serious mistake and that
    the signature should have been defined against the infoset rather than
    against the specific syntax... but it is what it is and we're stuck with
    it for now.

    --
    Joe Kesselman / Beware the fury of a patient man. -- John Dryden
     
    Joseph Kesselman, Aug 10, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. SpaceCowboy
    Replies:
    6
    Views:
    541
    SpaceCowboy
    Aug 14, 2003
  2. hilz
    Replies:
    1
    Views:
    571
    Richard Tobin
    Jan 18, 2006
  3. Mark
    Replies:
    5
    Views:
    593
  4. pete
    Replies:
    20
    Views:
    689
    Richard Bos
    Jun 13, 2005
  5. Brian Dude

    Does structure order matter?

    Brian Dude, Jan 22, 2006, in forum: C Programming
    Replies:
    8
    Views:
    328
    Brian Dude
    Jan 24, 2006
Loading...

Share This Page