Explain the relevance of canonical XML to digital signatures. What contextual information can be
included in the canonical form? Give an example of a breach of security where the context is
omitted from canonical form
What will be an ideal response?
Digital signatures are used to ensure that the information content has not changed since the document was
digitally signed. The signature is initially generated using a digest calculation based on the canonical form of
the document, which eliminates insignificant differences. After its transmission, the receiving application
applies the same algorithm to the document, producing another digest of the canonical form, and the two
digests are compared. If they differ, it means the canonical forms differ, so the document must have been
altered since it was signed.
The contextual information consists of all of the namespaces declared and the values of attributes that surround
a particular XML element. The inclusion of context in canonical XML ensures that the particular element
cannot be used out of context - or in a different context.
If the context is omitted, the canonicalised element can be placed in a different context. For example, the value
of an attribute in the context may be crucial to the document being signed. It might for example, be an
exchange rate.
You might also like to view...
For the array to be accessible by each button's Click event procedure, it will need to be declared as a class-level array.
Answer the following statement true (T) or false (F)
Press the ________ key to move to the next cell to the right in a Word table
A) Insert B) Shift C) Enter D) Tab
Which of the following protocols provides encryption to protect the data as it is transmitted over the network?
A. HTTP B. SHTTP C. FTP D. TFTP E. SFTP F. options a and b only G. options c, d, and e only H. options a and c only I. options b and e only J. all of the options
The individual elements of all global and static arrays are, by default, set to ____ at compilation time.
A. NULL B. -1 C. 0 D. 1