Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 17250 invoked from network); 4 Jun 2007 20:36:58 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 4 Jun 2007 20:36:58 -0000 Received: (qmail 16415 invoked by uid 500); 4 Jun 2007 20:36:44 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 16391 invoked by uid 500); 4 Jun 2007 20:36:43 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: security-dev@xml.apache.org List-Id: Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 16376 invoked by uid 99); 4 Jun 2007 20:36:43 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Jun 2007 13:36:43 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of raul.benito.garcia@gmail.com designates 66.249.92.173 as permitted sender) Received: from [66.249.92.173] (HELO ug-out-1314.google.com) (66.249.92.173) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Jun 2007 13:36:39 -0700 Received: by ug-out-1314.google.com with SMTP id h2so900878ugf for ; Mon, 04 Jun 2007 13:36:18 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=kBX1ozVbKE5aqjlA0fauj7B2+oFPfaAvEVb3vV3avL5kYO1m8/B6uSdyF6uQtdUdjOURNQMPxXwtgnvOY0OthJN/+zJIJWXZ3rvYiJRaiFCiK6VC0WpC9UOY7YrERDUjspDefbry7McQ7Qm6Zv2uXXErEnSat6zZwlhJr+/+TMU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=CDO+wCvVBRy0hZiUw5EBV4KKeJqQethegY7a+1+xuHVdBK3ucmXJ1lXnvhab/fcdHDBMD2T4/JUlIDS9bI2GQaaOWZ5hW2GfptKxcQp4Daa13AxfLb9gV2QcEZofKoMdzTV3IAJrsPBb0pK6pzU3IpsxMJ/jnefSB5af8L0XXak= Received: by 10.82.127.14 with SMTP id z14mr7224269buc.1180989377612; Mon, 04 Jun 2007 13:36:17 -0700 (PDT) Received: by 10.82.125.7 with HTTP; Mon, 4 Jun 2007 13:36:17 -0700 (PDT) Message-ID: <949ac9410706041336s3f07702ev8d5e3e1171c3bc01@mail.gmail.com> Date: Mon, 4 Jun 2007 13:36:17 -0700 From: "Raul Benito" Sender: raul.benito.garcia@gmail.com To: security-dev@xml.apache.org Subject: Re: Signature and children - redundant namespace declarations In-Reply-To: <465C7438.5060504@georgetown.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <465C7438.5060504@georgetown.edu> X-Google-Sender-Auth: e959dc755dfba9b1 X-Virus-Checked: Checked by ClamAV on apache.org Can you post an example of the behaviour (a code and an output)? On 5/29/07, Brent Putman wrote: > When I generate a signature using XMLSignature, the library is > redundantly adding the signature namespace declaration on every child > element of the ds:Signature element. Is there any way that this > behavior can be avoided or turned off? Am I doing something wrong? I > looked in the docs, I couldn't find any relevant settings, but maybe I > missed something. > > It would be ideal if it could be declared only once, on the ds:Signature > object itself. I know it's mostly a cosmetic thing, but one of our > OpenSAML users noticed and inquired about it, so I wanted to see if > there is an easy solution. If not, the only alternative I could think > of was to post-process the DOM and remove the redundant declarations > (before signing, of course). > > Thanks, > Brent > -- http://r-bg.com