http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-o-ManifestThe document from W3C on XML Signatures describes 2 uses of the 'Manifest' element. [Please refer to the link above]:1) to give applications control over the validation of Signature.2) to provide an efficient solution for applying a number of signatures using different keys to a number of documents at onceThe explanation given in the W3C document is:"Consider an application where many signatures (using different keys) are applied to a large number of documents. An inefficient solution is to have a separate signature (per key) repeatedly applied to a large SignedInfo element (with many References); this is wasteful and redundant. A more efficient solution is to include many references in a single Manifest that is then referenced from multiple Signature elements."My doubt is that the same (use no. 2) can be accomplished without Manifest element.An application can have all the References in one 'SignedInfo' element, and multiple 'Signature' elements (using different keys) can then refer to that 'SignedInfo' element fromwithin their 'SignedInfo' element.Won't this accomplish the same thing?
“Manifest” element in W3C XML Signatures
- Thread starter KoolAid
- Start date